There have been fresh reports of a new wave of iPhone attacks, following the infamous ‘Rick Astley’ Ikee worm that affected iPhone users earlier this week.
According to Symantec, this new attack involves a hacktool (software designed to continuously submit multiple connection requests to a specific target) being used to attack jailbroken iPhones. This tool is taking advantage of the same default SSH password as Ikee.
The hacktool is being installed on an attacking computer, not on the iPhone. It allows an attacker to scan a network and then attempt to log in to devices using the iPhone’s default SSH password. Hackers can then steal any data from a compromised device including emails, text messages, contacts and photos, with complete control over the device.
It is unlikely the phone’s owner will notice anything that will alert them to the compromise, unlike the way the Ikee worm alerted iPhone users to the fact they were infected by changing the wallpaper to a photo of Rick Astley. In this case, there is no such outward indication that something is wrong.
Trend Mirco Threat Researchers have confirmed that the source code from the Ikee worm has now gone global and is publically available, with the modification of the code likely to work on other countries networks.
According to David Peterson, Trend Micro consumer director, Australia and New Zealand, being affected by this worm is like “smashing your car window to get the keys, not getting the window repaired and then wondering where your CD player went.”
Users are advised to be aware of the risks associated with jailbreaking iPhones, as Trend Micro reports that the Ikee threat only affected those users who broke their agreement with Apple, by ‘jailbreaking’ the phone to allow new programs to run on it.
People who read this, also liked:
iPhone worm on the loose