A genuine worm threat has been detected for the Apple iPhone that operates by stealth and allows hackers to steal from a jailbroken iPhone or iPod touch.
Following the ikee worm that was released as a prank by Ashley Towns earlier this week, the new worm operates by stealth and does not make any immediate changes to the user's device.
Classified as iPhone/Privacy.A by Intego, it claimed that this is far more dangerous than the ikee worm as it takes advantage of the same vulnerability in the iPhone as the ikee worm, allowing hackers to connect to any jailbroken iPhone or iPod touch whose owners have not changed the root password.
Intego spokesperson Peter James claimed on its blog page: “When connecting to a jailbroken iPhone, this tool allows a hacker to silently copy a treasure trove of user data from a compromised iPhone: e-mail, contacts, SMSs, calendars, photos, music files, videos - as well as any data recorded by any iPhone app.
“Unlike the ikee worm, which signals its presence by changing the iPhone's wallpaper, this hacker tool gives no indication that it has invaded an iPhone. Hackers using this tool will install it on a computer – Mac, PC, Unix or Linux – then let it work. It scans the network accessible to it, and when it finds a jailbroken iPhone, breaks into it, then steals data and records it.”
Intego claimed that the tool could be easily installed, for example, on a computer on display in a retail store, which could then scan all iPhones that pass within the reach of its network. Or by a hacker who sat in an internet café and let his computer scan all iPhones that come within the range of the WiFi network in search of data.
It claimed that its Intego VirusBarrier X5 detects and eradicates this program on Macs, and while it is not possible to protect the iPhone from this hacker tool – it does not install anything on an iPhone – VirusBarrier X5 can ensure that Macs, especially in businesses, are protected from this hacker tool being installed.
David Harley, director of malware intelligence at ESET, said: “Intego are, quite rightly, pointing out the dangers of jailbreaking. If you do have a jailbroken iPhone, you do need, at the very least, to change the root and mobile passwords as soon as possible.
“This threat is rated as low risk by Intego, and I think that's about right at present. However, the default password genie is well out of the bottle now, and iPhone owners need to consider the risk not only from the threats reported so far, but the potential risk from future threats using similar approaches. Forget all the verbiage about pranks: there's nothing funny about this.”