iPhone worms can create mobile botnets2009.12.22 09:10 by Daniela
Tags: iPhone, SSH, malware
Security researchers have analyzed the code and design of recently discovered malware that targeted jailbroken iPhones. The code exists as a proof of concept that smartphones could easily be turned into a mobile botnet capable of stealing sensitive personal data.
So far, what little malware has been released for the iPhone has only affected the small percentage of folks who jailbreak and leave an SSH daemon running with the default root passwords. While some of these programs have been nothing but harmless pranks, a malicious version that attempted to create an iPhone botnet has been analyzed by researchers, leading them to conclude that mobile phones could quickly become a major target for malware writers.
The worms all started when a Dutch hacker decided to use port scanning to find iPhones with open SSH ports and default root passwords. He wrote a little program that would change the wallpaper to look as though a somewhat official-looking warning box had opened, which warned the user about running open SSH ports with default passwords. An Australian hacker then used the technique to create a worm that was self-replicating.
This version, iKee.A, replaced the wallpaper with a picture of Rick Astley—a sort of graphic rickroll. Then someone modified the iKee.A code to create the malicious iKee.B (aka iPhone/Privacy.A and iBotnet.A). It was initially designed to copy personal data and upload it to a server. However, at one point it was configured to use DNS cache poisoning to redirect ING banking customers to a phishing site and steal logins and passwords.
Read more -here-