Are there any viruses capable of writing in my notes application???

Discussion in 'Jailbreaks and iOS Hacks' started by bryancorteen, Sep 9, 2010.

  1. bryancorteen macrumors newbie

    Joined:
    Sep 9, 2010
    #1
    I have had a rather random note added into my notes application on my iphone 3gs 16gb. I didn't write it and no one else had access to my phone at the time. It read like an personals advert, seeking sexual partners! Are there any viruses that are capable of doing this? if so, what else can it do? and how do i remove it? Any help would be much appreciated.

    many thanks

    Bryan
     
  2. err404 macrumors 68020

    Joined:
    Mar 4, 2007
    #2
    I'm not aware of any, but it's very possible. A couple of things...
    Do you have SSH installed? If so did you change your password?
    Did you apply the patch for the PDF exploit?

    While there may not be anything wrong with your phone other then the note DB being modified, there unfortunately isn't much that you can do to be absolutely sure that you're clean short of a wipe and starting over (w/o a restore).
     
  3. Applejuiced macrumors Westmere

    Applejuiced

    Joined:
    Apr 16, 2008
    Location:
    At the iPhone hacks section.
  4. err404 macrumors 68020

    Joined:
    Mar 4, 2007
    #4
    ^Or this.:rolleyes:
     
  5. maturola macrumors 68040

    maturola

    Joined:
    Oct 29, 2007
    Location:
    Atlanta, GA
    #5
    It is possible to write script to do that, the API to write to notes is build-in, however I doubt it very much that you got that (unless you have been installing pirated/Stolen IPAs them anything is possible).

    Chances are as mentioned before someone is messing up with you, make sure to Passcode your iPhone.
     
  6. m3coolpix macrumors 6502a

    m3coolpix

    Joined:
    Dec 24, 2007
    #6
    Ditto. I have the passcode lock and set it for 5 minutes and ten tries or it wipes the phone.

    With iOS4's 'backgrounded/multitasking' feature now.....using a Passcode is almost a necessity.

    For example, this morning I just noticed that Paypal's app stays open and logged in on the iP4. I ended up making an exception rule via Backgrounder for every finance app I have.

    There are some severe consequences of losing your iPhone now if you don't use the passcode lock and have any financial or password apps on it!
     
  7. MikePA macrumors 68020

    MikePA

    Joined:
    Aug 17, 2008
    #7
    No

    N/A

    N/A

    You're welcome.
     
  8. Dangeresque macrumors newbie

    Dangeresque

    Joined:
    Aug 24, 2007
    Location:
    San Diego, CA
    #8
    I think you guys are missing something: if you sync your notes up to your IMAP email server (say, Gmail for instance) then it's possible that you accidentally added the "Notes" label to the message in your mail client. This could just be some spam from your email that you inadvertently mis-labeled.

    ...or, you know... your friends are messing with you. Seems like an odd prank, though.
     
  9. err404 macrumors 68020

    Joined:
    Mar 4, 2007
    #9

    The nature of the "Spam" in his notes is worrisome when combined with potential holes in the OS.
    I think a lot of these posts are taking a naive position on the security of iOS on a JailBroken handset. As I mentioned before, off the top of my head I could think of two well documented entry points an attacker could use to compromise a significant percentage of JB phones.
    1) Many JB phone have SSH installed and running. Since it's common for users w/o terminal experience to leave the default password, a malicious worm could simply login with full control of the device. This type of attack is already in the wild and becoming somewhat common in some countries.
    2) Since JB currently only works on < 4.02, unless OP took specific action to plug the PDF exploit, any code could be run on his hand set from a malicious site.

    Alternately if OP is syncing notes via an email account, it could be his e-mail that was compromised.

    Phones carry a lot of sensitive information and it's bad advice to recommend OP ignore a red-flag simply because you suspect his friends; even though OP said that nobody had access to his phone when the message appeared.
     
  10. MikePA macrumors 68020

    MikePA

    Joined:
    Aug 17, 2008
    #10
    You are assuming what happened to the OP is a red flag. If his friends are any good at pranks, he is reacting just the way they hoped he would, i.e., completely dumbfounded.

    People have to think through this and not have a simplistic, knee jerk reaction to the virus bogeyman. You have to love posters who call anyone who doesn't take this seriously as being naive. A devious hacker breaks into the OPs phone only to leave a porno advertisement in the Notes application? How'd the hacker get in? SSH through the guys wireless connection at home? Over the 3G connection while out and about? In what countries is the SSH attack becoming 'common'?
     
  11. err404 macrumors 68020

    Joined:
    Mar 4, 2007
    #11
    A devious hacker creates a bot.net and sells payloads to anybody ready to pay, even porn sites.
    Look up ikee.B or Privacy.A. There are active iPhone bot.nets spreading in Australia, the Netherlands, Hungary, Portugal and Brazil among others.
    OP, ignore it if you want. It's your phone.
     

Share This Page