iPhone Jailbreak Modified Into CC Sniffing Malware

Posted by timothy
from the sniff-sniff-that's-very-sad dept.
chicksdaddy writes "In a presentation at the ToorCon Hacking Conference in San Diego on Saturday, Eric Monti, a Senior Researcher at Trustwave's Spider Labs, demonstrated how to turn the popular JailbreakMe Tool for iPhones and iPads into stealthy rootkit-style malware that can monitor voice and video activity or intercept sensitive data, such as credit card magnetic stripe data from an iPhone-based transaction."

  • Yay! (Score:3, Funny)

    by Eddi3 (1046882) on Sunday October 24, 2010 @01:00PM (#34004814) Homepage Journal
    Viruses for the iphone!
    • Re:Yay! (Score:5, Funny)

      by sockman (133264) on Sunday October 24, 2010 @01:02PM (#34004818)

      There's an app for that.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      It's a trojan, not a virus. The iPhone can't get infected by simply browsing to a website. You have to manually install it.

      In my book, it's just another tool for Apple's marketing department: don't use jailbreaking tools, they're trojans that will steal your personal information!

      • Re:Yay! (Score:5, Informative)

        by Anonymous Coward on Sunday October 24, 2010 @01:30PM (#34005022)

        >>> The iPhone can't get infected by simply browsing to a website.

        Well, there was a jailbreak to do just that before :)

        It may be patched, but I'm sure we'll see the likes of it or something similar again...

      • by mcgrew (92797) *

        The parent is right, it's a trojan and not a virus. But it's still malware, and dangerous.

        And I'm sure the aluminum hat crowd will be sure Apple wrote this, and the sane have to wonder. I'll bet Apple hates this.

      • This just in: Executing code that others have written allows that code to perform in the manner in which it was written!
      • Re:Yay! (Score:5, Informative)

        by Jaime2 (824950) on Sunday October 24, 2010 @03:03PM (#34005594)
        Two past jailbreaks worked with a website based infection. The vulnerability behind the second one has been around since day one, but was never discovered by Apple (at least never fixed by Apple) or publicly disclosed by the jailbreak community. Who's to say that there isn't another one or that the hole that was around for years wasn't actually used for evil?

        As a technical note the recent hole was a vulnerability in the PDF viewer and only required the user to view an infected PDF.

        On another note, you didn't have to jailbreak to be vulnerable. Apple only patched versions of the OS that it felt like supporting, but the jailbreak community patched all versions. So, jailbreakers are actually safer. To this day, if you have an old enough iPhone that is not jailbroken, you are vulnerable to a website based attack.
        • by RulerOf (975607) on Sunday October 24, 2010 @05:31PM (#34006588)

          Apple only patched versions of the OS that it felt like supporting, but the jailbreak community patched all versions.

          Not only were all jailbroken iOS devices patched (if the patch was installed, that is), but they were patched much faster than "vanilla" devices.

          Saurik released the patch within days of jailbreakme's debut. It took Apple almost two weeks. Two weeks during which there were a metric fuckton of jailbroken iPhone 4's on display in just about every Apple store on the planet, which I think is fucking hilarious. I wonder if Jobs had those phones tossed into a pit of fire to keep up the "r00t is bad for you, good for us" charade.

          [offtopic]
          Anyone else want to see some legislation that prevents companies like Apple from voiding a warranty on Hardware based on the software you run on it? I mean, that would be like refusing the warranty on a laptop with a broken hinge because it had Linux on it... Oh wait a minute... [hexus.net]
          [/offtopic]

      • by bonch (38532)

        There was a jailbreak that did allow infection by visiting a website. But hey, you're yet another mysterious, anonymous poster bashing Apple for being closed. I'm sure you won't be posting multiple times here...

        • Re: (Score:1, Troll)

          by hairyfeet (841228)
          Well I'm not that guy, as I think ACs are the cancer killing /. and making it too much like the chans, but it seems to me the solution would be allowing an "end run" like Apple did with iTunes DRM. What they should do is put a button in the options that says "If you type in your name in this box and pick yes the phone is officially jailbroken. We hold NO responsibility for it any more, you void the warranty, blah blah blah all the legalese" and if the owner follows the instructions he/she has a broken phone
          • by denzacar (181829)

            Well I'm not that guy, as I think ACs are the cancer killing /. and making it too much like the chans

            You do realize how hilarious that sounds from someone so high up the ID ladder?
            I mean.. if ACs were 'cancer killing Slashdot' - how did you get here?
            Fuck... How did I get here? Shouldn't this place have been dead somewhere around 30k accounts?

            but it seems to me the solution would be allowing an "end run" like Apple did with iTunes DRM. What they should do is put a button in the options that says "If you type in your name in this box and pick yes the phone is officially jailbroken. We hold NO responsibility for it any more, you void the warranty, blah blah blah all the legalese" and if the owner follows the instructions he/she has a broken phone and is on their own. This would allow Apple to have a legal way to dissolve any responsibility for the phone, while allowing the owner to do what they want with the phone. Better than having to have users "hack" their phones and risk Apple iPhone becoming a haven for malware pretending to be jailbreaking tools. Seems like a win/win to me.

            Seriously... Do you do stand-up in your free time?

            But please... do keep it up. This place COULD use some naivete.
            We are all WAY too cynical.

            • by hairyfeet (841228)

              Actually I've been lurking around here since the late 90s, I just never bothered to make an account because I didn't feel I had something to contribute, and therefore didn't actually make an account until a user posted a question needing help with a Windows bug I had dealt with and knew an easy workaround, since many here on /. are old Unix greybeards and I'm the token windows greybeard.

              And what EXACTLY is so funny about my suggestion? Electronic signatures have been recognized in all 50 states. I don't see

              • by denzacar (181829)

                There... you're doing it again.

                The 'funny' part is in the fact that you are treating this as if it is a technical problem with a technical solution.
                Namely, "let's wash our hands off this and give them a jailbreak button"-solution. It isn't.

                Apple is a corporation - first and foremost.
                THEN, after we establish that, we determine what kind of a corporation they are this day, month, decade... Are they more into technical business, artistic, musical, IP rights... etc.
                Being a corporation, their main (possibly only

  • Yes, and Adobe Photoshop could be modified to become a program that indoctrinates me in Marxist philosophy. What's the point? That a user installing an application needs to trust its source? This has been true ever since there has been third party software.

    Shame on Slashdot for pushing this.

    • Re: (Score:2, Funny)

      by IB4Student (1885914)
      A lot of people who have Apple things think that they can go to whatever websites they want and download whatever the hell they want because they "can't get viruses". One of my friends on facebook got clickjacked and posted some .ru site, and a lot of people commented saying to not click on it because it is a virus, and then some guy said "lol i clicked on it anyway because i'm on a mac so i can't get a virus". -_- But, yeah, I think that we should all work together as a family to help people not get infec
    • by icebike (68054)

      Yes, and Adobe Photoshop could be modified to become a program that indoctrinates me in Marxist philosophy. What's the point? That a user installing an application needs to trust its source? This has been true ever since there has been third party software.

      Shame on Slashdot for pushing this.

      And shame on Trustwave for shilling for Apple.
      I'd like to follow the money, but we'll never get the chance.

    • Re: (Score:3, Funny)

      Adobe Photoshop could be modified to become a program that indoctrinates me in Marxist philosophy.

      I fooled them. I use GIMP which is put out by the very capitalistic ... Ah, I see how this works now.

    • by Kvasio (127200)

      Yurij, is that you?

  • Fluff piece. (Score:3, Insightful)

    by Bill_the_Engineer (772575) on Sunday October 24, 2010 @01:24PM (#34004970)

    The researcher took the obvious step of adding malware code to a jail break program. While the article reports that the Jailbreak app will lead the way for more malware, it also stated this which contradicts:

    The program is harmless and the vulnerabilities in question were patched by Apple in early August. However, Monti warns that more and more high value applications on the iPhone will increase the attractiveness of the platform for malicious parties, including banking and e-commerce.

    Emphasis mine.

    Also the "more and more high value" application line warrants a "no shit sherlock". Willie Sutton robbed banks because that was where the money was.

    Basically this just shows that you need to know the risks before you jailbreak your phone. This is true for any phone OS, since jailbreak is a political term for rooting. Check the source (as in where you downloaded) and compare the binary with a known reliable hash (eg. MD5, etc). When you leave the comforts of the installed ROM, you need to be more vigilant about your security.

    • Re:Fluff piece. (Score:4, Informative)

      by Anonymous Coward on Sunday October 24, 2010 @01:39PM (#34005070)

      Notice that the remote hole in iOS up to 4.0.1 can be exploited by any site. You do not have to accept the exploit, it can simply install itself in secret. So anyone on firmware lower than 4.0.2 should either upgrade their iOS, or stop using the internet, or jailbreak, after which they can install the unofficial patch from Cydia. For original iPhone users only the latter two options are available.

    • by Fnord666 (889225)

      This is true for any phone OS, since jailbreak is a political term for rooting.

      I thought that jailbreaking meant getting your process access to parts of the file system outside of the chroot() jail, whereas rooting meant getting root access for your process. Is this always the same thing or does one require the other on all phone OSes?

    • I'd wager that for most people, there's no reliable way to "check your source" for most apps offering "something for nothing" (ie, cracks, rooting, jailbreaking, etc). Many are written by anonymous entities and distributed diffusely to avoid the wrath of whoever produces the device they're trying to circumvent. In some instances there's a reliable distributor, but in many cases not.

      But I also wonder if going after a jailbreak app as a target they might be going after the right audience -- people willing to

  • by Windwraith (932426)

    There are too many Apple things as of late. I get the feeling we aren't getting other news because of them.
    Not saying it's good or bad but it's making my feed reader feel like I am following an Apple-only site, which is not the purpose of Slashdot.

    • I'm sure other media outlets will provide a more balanced view of the technology industry.

      http://www.macobserver.com/tmo/article/pew_no_one_gets_more_coverage_than_apple1/ [macobserver.com]

      Or not.

    • by Yvan256 (722131)

      If other companies make worthwhile things, we will read about them too. I'm sure in a few hours some Linux distro will release a new version, hackers will find yet another hole in a Microsoft product, Sony will find yet another way to piss off their customers or Square-Enix will announce they're doubling the monthly fees of Final Fantasy XIV.

    • Re: (Score:1, Troll)

      by melikamp (631205)

      Hey that's fine, let's just turn this into an advantage by taking every opportunity to point out what is wrong with Apple's software environment. I'll start.

      The biggest piece of malware running on your iPhone is the OS itself. You cannot remove it, you cannot disable it, you cannot cut out the parts you don't need. iPhone is, at best, a play-toy: nothing serious should be done with that device. Apple can see everything you are doing with your iPhone at will. Apple is literally looking over your shoulder w

    • by couchslug (175151)

      "which is not the purpose of Slashdot."

      Well, WASN'T the purpose of Slashdot, which is morphing into AppleIdleDot.

  • Obviously, if you're going to use pirated or any other illegal kind of software, you are owned by the malware that comes with it 90%. (That's why I stopped using pirated Windows ten years ago when internet-aware malware became popular -- I didn't want to share my credit card numbers and passwords with the pirates.)

  • Replace "Apple" with any other technology company name and it basically holds true for them as well.

    Sony/PS3
    MS/Windows
    Google/Android
    ..etc.

    Do I need to change my bookmark for slashdot.org to fuddot.org?

  • demonstrated how to turn the popular JailbreakMe Tool for iPhones and iPads into stealthy rootkit-style malware

    The authors of JailBreakMe should be scorning this act and sending legal threats (if possible) to the people contorting their Jailbreak software into a malware infection tool.

    Apple is going to finally stand up, take notice, and kill the jailbreaking software, to public applause, if malware starts taking advantage of it, it will be more than a theoretical matter of security.

    That is, things l

    • Re: (Score:3, Insightful)

      by ekhben (628371)

      I will applaud Apple for closing any hole used to jailbreak without a USB cable involved, whether it gets to malware stage or not.

      Apple seem to respond faster to these sorts of vulnerabilities than they do to ones that are only usable if you have physical control over the device, so I don't think there's any cause for concern that Apple will step up their counter-jailbreak programme if theoretical attacks become reality.

  • And to think... (Score:2, Insightful)

    by Anonymous Coward

    If Apple would just sell the thing SIM unlocked and with sideloading of apps, this wouldn't be a problem!

    Heaven forbid Apple actually be forced to sell the thing on its merits and not have to resort to anti-competitive nonsense.

    • by Alioth (221270)

      They *do* sell it SIM unlocked, it's right there in the Apple store website (certainly the Apple Store UK website). It is rather expensive when not subsidised by your phone carrier though.

  • Apple stopped firmware updates for iPhone2G (edge). It is blocked at iOS313, forever.
    So, iPhone2G misses a lot of security updates. The old edge iPhone is really full of holes.
    And nobody will secure it.
    Steve, please, help !!

    • by Arthur Grumbine (1086397) on Sunday October 24, 2010 @06:53PM (#34007036) Journal

      Apple stopped firmware updates for iPhone2G (edge). It is blocked at iOS313, forever.
      So, iPhone2G misses a lot of security updates. The old edge iPhone is really full of holes.
      And nobody will secure it.
      Steve, please, help !!

      You appear to have not purchased a new iPhone in over two whole years. I don't know what backwoods, 3rd world nation you come from that you expect the most expensive phone you've ever purchased to last more than two years, but you are obviously not our target demographic. Thank you for your money, and please return to us when you are willing to follow our clearly laid out expectations for making new purchases/upgrades.
      Cheers!
      Steve J.

      • by vux984 (928602)

        You appear to have not purchased a new iPhone in over two whole years

        It certainly wasn't my idea to commit to a 3 year contract, but that was the only option they gave me at the time.

  • A device that must be broken into in order to gain full control of it will never be as secure as one that is open by default.

    • Re: (Score:2, Insightful)

      by melikamp (631205)
      Rooting an iPhone does not give you full control over the device. At best, you get to run your code with the highest privilege, but you are still stuck with an opaque proprietary OS that will spy on you around the clock. No amount of rooting will help you to get rid of malicious "features" programmed by Apple itself.
    • by Duradin (1261418)

      True, it's hard to hack something that's not on the market or not worth it for things that have a minuscule market share.

  • and they say that the iPhone can't do things that Android [google.com] and WinMo [google.com] can do!
  • Wonderful. This is one more thing apple can use to bitch about while ripping on people who jailbreak. What a douche.
  • Did anyone else notice that the iPhone apparently has a credit card reader in it? Wow, I guess they really are revolutionary devices!
