Anyone experience Virus/Malware attacks after JB

Discussion in 'Jailbreaks and iOS Hacks' started by flavouringlife, Aug 24, 2010.

  1. flavouringlife macrumors newbie

    flavouringlife

    Joined:
    Aug 24, 2010
    Location:
    Australia
    #1
    Just read an article and realised the Ikee Virus.

    "..hacking a phone can leave it open to attacks from viruses and other malware. These included the Ikee virus, a worm called Duh and most recently, tainted PDF documents that allowed access to the phone’s software..."
    *link deleted

    Has anyone experienced this or heard of any? Is it a myth or truth?
     
  2. moussekateer macrumors 6502a

    moussekateer

    Joined:
    May 12, 2009
    #2
    Ikee and Duh were worms that infected iPhones that met the following conditions. 1) They were on the same wifi network. 2) They had SSH installed and turned on. 3) The default password was left unchanged.

    The PDF exploit was one of the exploits used in the jailbreakme.com jailbreak. Everyone pre 4.0.2 was vulnerable, jailbroken or not. Someone could use it to write a malicious payload but as long as you're on 4.0.2 or you've installed the PDF patch from Cydia you're immune.
     
  3. crawfish963 macrumors 6502

    crawfish963

    Joined:
    Apr 16, 2010
    Location:
    Texas
    #3
    Pretty irrelevant issue IMO. Like the previous poster said, too many requirements for it to happen to make it possible. Eventually 4.1 will be out and then jailbroken and it won't matter anyways.
     
  4. Hemmo macrumors regular

    Joined:
    Aug 22, 2010
    #4
    Who keeps SSH on? Who doesn't change the SSH password!? wooot!
     
  5. dhlizard macrumors G4

    dhlizard

    Joined:
    Mar 16, 2009
    Location:
    The Jailbreak Community
    #5
    More than you imagine.

    Same group of people who jailbreak, but won't save hashes (too much effort to do it or read anything about it?)
     
  6. D1G1T4L macrumors 68000

    D1G1T4L

    Joined:
    Jun 26, 2007
    Location:
    Phoenix, AZ
    #6
    Keeping SSH on can be a good thing if you have problems.
     
  7. kAoTiX macrumors 6502

    kAoTiX

    Joined:
    Oct 14, 2008
    Location:
    Midlands, UK
    #7
    Ignorance is bliss.

    If the PDF exploit were on a mac (which it was/is) or a windows PC for instance, people would be all over it. There would be worms exploiting it left right and center.

    Just because people see an iPhone as more of a closed device doesn't mean it is not a target for such attacks.

    Let's be fair, if jailbreakme didn't have a 'slide to jailbreak' it could have been executed without any interaction from the user and comex could have jailbroken people's iPhones willy nilly.
     
  8. ViViDboarder macrumors 68040

    ViViDboarder

    Joined:
    Jun 25, 2008
    Location:
    USA
    #8
    Exactly. I always keep SSH on. I just make sure I change my passwords. SSH is pretty strong and there are only rare occasions that an unauthorized login will even be attempted. Heck, my home servers have SSH running 24/7! Not that you know the valid usernames or passwords or even the domain. :D
     
  9. thep33t macrumors regular

    Joined:
    Jun 18, 2009
    #9
    I read first line (after adjusting my eyes to that god-awful site,) saw something about bricking the phone, LOL'ed, and closed the tab.
     
  10. Cinemagic macrumors 6502

    Joined:
    Sep 26, 2007
    #10
    Change the SSH password - as has been posted everywhere - and on Cydia, plug the PDF exploit and you're good to go.
     
  11. doboy macrumors 68000

    Joined:
    Jul 6, 2007
    #11
    SSH turns on automatically when you reboot, but not when respring. Little irritating.
     
  12. dgstan macrumors 6502a

    Joined:
    Jun 29, 2010
    #12
    I'm surprised there's not a utility that will turn it off automatically if it's not in use.
     
  13. ViViDboarder macrumors 68040

    ViViDboarder

    Joined:
    Jun 25, 2008
    Location:
    USA
    #13
    If it's off it's impossible to be in-use...

    The daemon sits sleeping until there is an incoming authentication on the port. When that happens the server fires up and attempts to authenticate.

    Basically, if you change your password there is no reason to turn off SSH. If your springboard gets thrown into a re-spring loop, it's nice to be able to SSH in when you're home (assuming you left Wifi on).
     
  14. TMar macrumors 68000

    TMar

    Joined:
    Jul 20, 2008
    Location:
    Ky
  15. maturola macrumors 68040

    maturola

    Joined:
    Oct 29, 2007
    Location:
    Atlanta, GA
    #15
    Ikee reminds me of the Michelangelo virus back in the day :D:D:D:D:D:D Good times!
     
  16. gatearray macrumors 65816

    Joined:
    Apr 24, 2010
    #16
    Fraudulently linking to your own blog???

    Is this against the forum rules? If not, it should be.

    The OP posted such an innocent sounding question, preceded by a quote from himself taken from his own "flavouringlife" blog as if he read it from a newsworthy source and it really got him thinkin' or something. I checked history and saw another thread he started, predictably linking to his own blog, as well.

    For the reference of future trolls, it might be a better idea to make your forum name different than the name of the "blog" you'll be constantly linking to. I have to say that you did learn some cool jailbreak buzzwords from reading this forum a bit, though. "Bricked"...

    Although even funnier is to read the subsequent posts harshly bashing the blog's writer's skills and knowledge, completely ignoring the fact that the author is the OP himself! :)
     
  17. moussekateer macrumors 6502a

    moussekateer

    Joined:
    May 12, 2009
    #17
    Oops how did we miss that, nice catch. I consider it very unethical to mislead people into visiting your blog to get pageviews. He asks a question that he's answered himself on his blog. I think his post should be deleted in light of this.
     
  18. flavouringlife thread starter macrumors newbie

    flavouringlife

    Joined:
    Aug 24, 2010
    Location:
    Australia
    #18

    So sorry if I broke the rules or offended you by posting something you don't like. I just tried to share some article I read and not on the net. I can type it here but it is a long article, will not post anything to share in this blog again if that is the restriction. But before that, this is really some info that came after I posted the article. Click to see if this is the real Virus attack? (this link is not my Blog)
     
  19. moussekateer macrumors 6502a

    moussekateer

    Joined:
    May 12, 2009
    #19
    It's not about whether we like the content or not. It's that you passed it off as an article you had come across when it was in fact your very own blog.

     
  20. thelatinist macrumors 603

    thelatinist

    Joined:
    Aug 15, 2009
    Location:
    Connecticut, USA
    #20
    No, it's a thread that links to your blog. It's still shameless linkspam.
     
  21. gatearray macrumors 65816

    Joined:
    Apr 24, 2010
    #21
    Share some article you read???

    What on earth are you talking about flavouringlife of the infamous flavouringlife blog? You wrote that article, do you mean "that you proof-read" it and wanted to share? Sheesh...

    You really must think we are all stupid, or something, but the jig is up! :)

    EDIT: I'm sorry, maybe you meant "write" instead of "read" in your reply. If English is not your native language and you're a little confused, my apologies, but it's still not cool to post linkbait around here.
     
  22. flavouringlife thread starter macrumors newbie

    flavouringlife

    Joined:
    Aug 24, 2010
    Location:
    Australia
    #22
    It is an article sourced from the Herald Sun that I read in the local newspaper. And that is what I meant in my reply. Don't assume if you are not sure.
    Finally, I have deleted the link and once again if this offended the rules, my sincere apologies. (Lesson learned, will not post again)
     
  23. Marky macrumors regular

    Joined:
    Jan 4, 2005
    #23
    Apologies for what is certainly a stupid question, I researched it just after Jailbreaking but I just have some nagging doubts.

    I haven't specifically downloaded via Cydia or Rock any app/code etc called SSH or SSH settings or anything like that. I therefore have no need let alone capability of changing the default password as I don't have SSH installed.

    Correct? Or have I completely misunderstood how this SSH thing works?

    For info only J/B apps loaded are Cydia, Rock, MyWi, Bite Sms, Cyntact, iBlacklist, WiFi sync, the PDF Patch and intelliscreen.

    There is nothing in Manage in Cydia for example that goes by the name SSH.

    Again apologies if I'm being stupid but just want to obliterate those nagging doubts.

    Kind regards
    Mark
     
  24. ViViDboarder macrumors 68040

    ViViDboarder

    Joined:
    Jun 25, 2008
    Location:
    USA
    #24
    Just change your password anyway. Even if you don't have ssh installed.

    Download MobileTerminal and follow the same steps on your phone.

    As for the OP... That link you posted to the other forum was just you spreading more FUD!

    Jailbroken phones are not more vulnerable to the PDF exploit. The exploit is only USED to jailbreak phones.
     
  25. moussekateer macrumors 6502a

    moussekateer

    Joined:
    May 12, 2009
    #25
    You don't have SSH installed. But to be honest you're better off installing SSH and changing the passwords. SSH is super useful for fixing problems that may arise with your phone, where the only alternative would be to restore every time.
     
