Become a MacRumors Supporter for $25/year with no ads, private forums, and more!

New Malicious Worm Affects Jailbroken iPhones in Netherlands

dalvin200

macrumors 68040
Mar 24, 2006
3,453
36
Nottingham, UK
ok so you jailbreak your phone do the ssh thing automaticly get installed or is it something that the jailbreaker can install on is device?

you choose whether to install it or not...

even if you have it installed, u can remove it via Cydia..

if you do install, and use SSH, then obviously change the default password :)
 
Comment

pixelated

macrumors 6502a
Oct 21, 2008
713
0
classic fear mongering. I understand that this is a problem, but why sensationalise it instead of reporting the facts. my favourite part is;
"Users who have installed SSH and not changed the password are especially at risk"
Surely they are the only ones at risk??
 
Comment

darngooddesign

macrumors G4
Jul 4, 2007
10,076
833
Atlanta, GA
Actually that didn't sound like sensationalization to me, and in the case of people who haven't done the obvious and changed the password perhaps it should be embiggened to some degree.
 
Comment

pixelated

macrumors 6502a
Oct 21, 2008
713
0
Actually that didn't sound like sensationalization to me, and in the case of people who haven't done the obvious and changed the password perhaps it should be embiggened to some degree.

well yes, or simply a report written for those who are effected, namely jail broken iphone users, as i would imagine the majority of people just don't care.
(embiggened, lol, are you referencing The Simpsons or string theory.)
 
Comment

MacRumors

macrumors bot
Apr 12, 2001
51,543
13,169
New Malicious Worm Affects Jailbroken iPhones in Netherlands

https://www.macrumors.com/images/macrumorsthreadlogodarkd.png

BBC reports that a second worm has been discovered that attacks certain jailbroken iPhones. The malicious software was discovered by security company F-Secure but appears to be isolated and specific to the Netherlands.
It is specifically targeting people in the Netherlands who are using their iPhones for internet banking with Dutch online bank ING. It redirects the bank's customers to a lookalike site with a log-in screen.
F-Secure estimates the number of affected phones to be only in the "hundreds" at this point, though it could theoretically spread. The worm appears to exploit the same users as the harmless Australian worm which displayed a photograph of popsinger Rick Astley. Only individuals who had specifically jailbroken their iPhones, installed SSH and not changed the default password.

This particular worm, however, is potentially far more serious as according to F-Secure it also "enables the phone to be accessed or controlled remotely without the permission of its owner."

Article Link: New Malicious Worm Affects Jailbroken iPhones in Netherlands
 
Comment

Bill&Rose

macrumors member
Aug 23, 2008
77
0
Is Apple behind these worms? They have been going after everyone and everything they think infringes on them.

I would not put it past Steve Jobs to have a small team that writes these worms.
 
Comment

yettimillan

macrumors regular
May 28, 2009
185
0
This is slightly putting me off of getting the iPhone, but if its only jailbroken iPhones. Clearly apples security is good its just when people illegally jailbreak them that the security fails.
 
Comment

Bill&Rose

macrumors member
Aug 23, 2008
77
0
This is slightly putting me off of getting the iPhone, but if its only jailbroken iPhones. Clearly apples security is good its just when people illegally jailbreak them that the security fails.

If they can get to a phone outside the AT&T network they can get to the same phones inside the AT&T network, me thinks this worm has originated from inside of Apple.

This one is only due to owners not changing the default pass word. That tells me it could also effect the other iPhones on the AT&T network, and lends credibility that Apple may very well be behind this.

Who else would spend the time to go after such a small user base as jailbreak iPhones.

Makes you wonder!
 
Comment

lamadude

macrumors 6502
Jan 12, 2006
432
0
Brussels, BE
It's quite obvious that if you have the password for somebody's SSH you can do pretty much anything you want with it. There is nothing unsafe about jailbreaking your iPhone in itself. It's like posting your bank password online and then being surprised that the money is gone.
 
Comment

Sky Blue

Guest
Jan 8, 2005
6,856
10
If they can get to a phone outside the AT&T network they can get to the same phones inside the AT&T network, me thinks this worm has originated from inside of Apple.

Is Apple behind these worms? They have been going after everyone and everything they think infringes on them.


 
Comment

madrag

macrumors 6502
Nov 2, 2007
361
72
sad...

it's sadder to find out that people don't change their password, but that's probably due to the lack of full (including the pass change) instructions of the jailbrake?

If I had an iPhone I would definitely jailbreake it, but I would do it only after getting all the details of the process.

I doubt this one came from apple, it's just another bastard taking advantage of the hole (BTW, I'm sure the iPhone is solid, it's just when jailbroken that it becomes more prone to entry). The other bastard that made the first worm thaught he was doing a favour to the community to "warn" about this exploit?
Nicelly done, backfire on us all :(
 
Comment

Montserrat

macrumors regular
Jun 10, 2004
224
0
UK
If they can get to a phone outside the AT&T network they can get to the same phones inside the AT&T network, me thinks this worm has originated from inside of Apple.

This one is only due to owners not changing the default pass word. That tells me it could also effect the other iPhones on the AT&T network, and lends credibility that Apple may very well be behind this.

Who else would spend the time to go after such a small user base as jailbreak iPhones.

Makes you wonder!

I must admit I thought your first post was a joke, but it occurs to me that you might be serious.

There is no way Apple could be behind this - essentially phishing by getting people to go to a 'lookalike site' as well as potentially creating a botnet - it's all highly illegal and would not be in Apple's interests. These people look like they're trying to get people's ING passwords.

Like lamadude says - if you don't change the SSH password after jailbreaking your phone you may as well post all your bank details and passwords online

EDIT: Skyblue said it better than I could ever have done
 
Comment

SVT Amateur

macrumors 6502
Dec 22, 2006
421
1
Tyler, Texas
I'm 100% sure this isn't from Apple. A big company isn't going to risk its reputation and risk legal action taken against them since this worm is equal to identity theft to go after users that jailbreak its phone. It will probably try to make it harder to jailbreak them but to truly believe that a company would go after its consumers like that is absurd.
 
Comment

yettimillan

macrumors regular
May 28, 2009
185
0
Coming from apple itself. Sounds very interesting. It would make people more worried about jailbreaking the iPhone but like me could also put me off.
 
Comment

Compile 'em all

macrumors 601
Apr 6, 2005
4,106
212
This affects only people that installed SSH AND didn't change its default password. SSH isn't installed by default when you jailbreak.
 
Comment

kAoTiX

macrumors 6502
Oct 14, 2008
487
0
Midlands, UK
This is good advertising for why jailbreaking is bad. Probably why Apple will say they are trying to stop people jailbreaking and how the people that make the software to allow this are ruining the iphone/ipod.

Shame that people in the jailbreaking community cannot prevent this in the first instance. Like require you to change your password upon installing SSH or something. I know it's not really the responsibility of these people to do this but I feel they should be obligated to do it as they are the ones opening the device up to this kind of attack regardless of 'guidelines' and things you should do.

Does no one agree that if jailbreaking didnt exist, this kind of attack would be near impossible on Apples closed platform?
 
Comment

iSee

macrumors 68040
Oct 25, 2004
3,527
253
Does this really count?

If it relies on people installing SSH and not changing the default password?

I'll be more nervous when malware with some real penetrating power shows up...
 
Comment

ss957916

macrumors 6502a
Jun 17, 2009
861
0
But why does Apple continue to prevent non-jailbroken iPhones from uploading custom SMS/Email tones, having wallpaper behind the home screen, changing icons etc.? That would go a long way to stopping people considering Jailbreaking.
 
Comment

yettimillan

macrumors regular
May 28, 2009
185
0
Does this really count?

If it relies on people installing SSH and not changing the default password?

I'll be more nervous when malware with some real penetrating power shows up...

Like another article said, malware coming directly from the appstore itself.
 
Comment

guzhogi

macrumors 68040
Aug 31, 2003
3,211
1,176
Wherever my feet take me…
Kinda sad that people would write worms for iPhones, or anything for that matter. Also sad that people smart enough to know what jailbreaking is & know how to do it don't think about changing the password.

I have an iPhone, but don't have it jailbroken. Don't really have a need to jailbreak it. It serves my needs. But I can see why some people do it. To each his own I guess.
 
Comment

kallisti

macrumors 68000
Apr 22, 2003
1,666
5,960
If they can get to a phone outside the AT&T network they can get to the same phones inside the AT&T network, me thinks this worm has originated from inside of Apple.

This one is only due to owners not changing the default pass word. That tells me it could also effect the other iPhones on the AT&T network, and lends credibility that Apple may very well be behind this.

Who else would spend the time to go after such a small user base as jailbreak iPhones.

Makes you wonder!

I think this may be one of the silliest posts I have ever read on this site. I simply cannot follow the logic here. I cannot think of a hypothetical situation where it would be in Apple's corporate best interest to develop and release a worm for the iPhone, jailbroken or not.
 
Comment

*LTD*

macrumors G4
Feb 5, 2009
10,703
1
Canada
Simple solution.

http://support.apple.com/kb/HT3743

Unauthorized modification of iPhone OS has been a major source of instability, disruption of services, and other issues

Last Modified: July 30, 2009
Article: HT3743

As designed by Apple, the iPhone OS ensures that the iPhone and iPod touch operate reliably. Some customers have not understood the risks of installing software that makes unauthorized modifications to the iPhone OS ("jailbreaking") on their iPhone or iPod touch. Customers who have installed software that makes these modifications have encountered numerous problems in the operation of their hacked iPhone or iPod touch. Examples of issues caused by these unauthorized modifications to the iPhone OS have included the following:


Device and application instability: Frequent and unexpected crashes of the device, crashes and freezes of built-in apps and third-party apps, and loss of data.

Unreliable voice and data: Dropped calls, slow or unreliable data connections, and delayed or inaccurate location data.

Disruption of services: Services such as Visual Voicemail, YouTube, Weather, and Stocks have been disrupted or no longer work on the device. Additionally, third-party apps that use the Apple Push Notification Service have had difficulty receiving notifications or received notifications that were intended for a different hacked device. Other push-based services such as MobileMe and Exchange have experienced problems synchronizing data with their respective servers.

Compromised security: Security compromises have been introduced by these modifications that could allow hackers to steal personal information, damage the device, attack the wireless network, or introduce malware or viruses.

Shortened battery life: The hacked software has caused an accelerated battery drain that shortens the operation of an iPhone or iPod touch on a single battery charge.

Inability to apply future software updates: Some unauthorized modifications have caused damage to the iPhone OS that is not repairable. This can result in the hacked iPhone or iPod touch becoming permanently inoperable when a future Apple-supplied iPhone OS update is installed.

Apple strongly cautions against installing any software that hacks the iPhone OS. It is also important to note that unauthorized modification of the iPhone OS is a violation of the iPhone end-user license agreement and because of this, Apple may deny service for an iPhone or iPod touch that has installed any unauthorized software.
 
Comment

baleensavage

macrumors 6502a
Aug 2, 2005
622
0
On an island in Maine
The most telling part for me is that this malware can potentially effect "hundreds." And this is BBC newsworthy why? Seriously, this has the potential to effect such a small group of people that the only reason that it is making headlines is because it is on an Apple product, never mind the fact that it's on a hacked Mac product.

As for Apple doing this...:p Making a virus, however pointless, is a crime. If Apple really cared about the jailbreaking community then they would take other steps to make it more difficult to jailbreak phones that are LEGAL and don't involve viruses.
 
Comment
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.