Results 1 to 2 of 2

Thread: iPhone Hacker Tool Steals Data from Jailbroken Phones

  1. #1
    News
    Guest

    iPhone Hacker Tool Steals Data from Jailbroken Phones

    iPhone Hacker Tool Steals Data from Jailbroken Phones


    By: Brian Prince
    2009-11-11

    Researchers at Mac security firm Intego have uncovered a new tool
    hackers can use to steal data from jailbroken Apple iPhones. The tool
    leverages the same default password issue as the ikee worm targeting
    iPhone users in Australia.

    Security researchers have found a new tool targeting users of jailbroken
    iPhones.

    On the heels of the discovery of a worm targeting jailbroken iPhones in
    Australia, security researchers at Intego now say they have detected a
    program known as iPhone/Privacy.A that hackers can use to swipe personal
    data.

    The program does not get installed on the iPhone, but instead is a tool
    a hacker can install on any computer running Mac OS X, Windows, Linux or
    Unix. An attacker can use it to scan a wireless network for jailbroken
    iPhones and then exploit the same default SSH password issue leveraged
    by the ikee worm.

    “When connecting to a jailbroken iPhone, this tool allows a hacker to
    silently copy a treasure trove of user data from a compromised iPhone:
    e-mail, contacts, SMSs, calendars, photos, music files, videos, as well
    as any data recorded by any iPhone app,” according to the Intego
    advisory. “Unlike the ikee worm, which signals its presence by changing
    the iPhone's wallpaper, this hacker tool gives no indication that it has
    invaded an iPhone.”

    Unlike the ikee worm, which announced itself by changing the wallpaper
    once it was installed, this new tool does nothing to indicate to the
    iPhone user that their device has been compromised, Intego warns.

    “While it is not possible to protect the iPhone from this hacker tool -
    it does not install anything on an iPhone – VirusBarrier X5 can ensure
    that Macs, especially in businesses, are protected from this hacker tool
    being installed,” according to Intego. “We would like to stress that
    users who jailbreak their iPhones are exposing themselves to known
    vulnerabilities that are being exploited by code that is circulating in
    the wild.”

    However, the easy solution to this for those who want to jailbreak their
    iPhones is to change their root password. Instructions on how to do that
    can be found here.

    “The advice is loud and clear: if you jailbreak your iPhone, don't leave
    the default root password as "alpine" or you're asking for trouble,"
    Graham Clulely, senior technology consultant at Sophos, told eWEEK.


  2. #2
    GlowingBlueMist
    Guest

    Re: iPhone Hacker Tool Steals Data from Jailbroken Phones

    News wrote:
    > iPhone Hacker Tool Steals Data from Jailbroken Phones
    >
    >
    > By: Brian Prince
    > 2009-11-11
    >
    > Researchers at Mac security firm Intego have uncovered a new tool
    > hackers can use to steal data from jailbroken Apple iPhones. The tool
    > leverages the same default password issue as the ikee worm targeting
    > iPhone users in Australia.
    >
    > Security researchers have found a new tool targeting users of
    > jailbroken iPhones.
    >
    > On the heels of the discovery of a worm targeting jailbroken iPhones
    > in Australia, security researchers at Intego now say they have
    > detected a program known as iPhone/Privacy.A that hackers can use to
    > swipe personal data.
    >
    > The program does not get installed on the iPhone, but instead is a
    > tool a hacker can install on any computer running Mac OS X, Windows,
    > Linux or Unix. An attacker can use it to scan a wireless network for
    > jailbroken iPhones and then exploit the same default SSH password
    > issue leveraged by the ikee worm.
    >
    > “When connecting to a jailbroken iPhone, this tool allows a hacker to
    > silently copy a treasure trove of user data from a compromised iPhone:
    > e-mail, contacts, SMSs, calendars, photos, music files, videos, as
    > well as any data recorded by any iPhone app,” according to the Intego
    > advisory. “Unlike the ikee worm, which signals its presence by
    > changing the iPhone's wallpaper, this hacker tool gives no indication
    > that it has invaded an iPhone.”
    >
    > Unlike the ikee worm, which announced itself by changing the wallpaper
    > once it was installed, this new tool does nothing to indicate to the
    > iPhone user that their device has been compromised, Intego warns.
    >
    > “While it is not possible to protect the iPhone from this hacker tool
    > - it does not install anything on an iPhone – VirusBarrier X5 can
    > ensure that Macs, especially in businesses, are protected from this
    > hacker tool being installed,” according to Intego. “We would like to
    > stress that users who jailbreak their iPhones are exposing themselves
    > to known vulnerabilities that are being exploited by code that is
    > circulating in the wild.”
    >
    > However, the easy solution to this for those who want to jailbreak
    > their iPhones is to change their root password. Instructions on how
    > to do that can be found here.
    >
    > “The advice is loud and clear: if you jailbreak your iPhone, don't
    > leave the default root password as "alpine" or you're asking for
    > trouble," Graham Clulely, senior technology consultant at Sophos,
    > told eWEEK.


    Sounds more like the developers of the iPhone are having fun creating
    problems to scare potential users of the better 3rd party programs.

    If they would just unlock their product rather than creating the rogue
    programs to help support the marketing people who keep saying "Buy it from
    us or else"...



Similar Threads

  1. Encryption Response Part 2: Complexities of Key Management --
    By LJMecca in forum alt.computer.security
    Replies: 1
    Last Post: 06-26-09, 02:27 PM
  2. Digital Subscriber Line (xDSL) FAQ v20010108
    By jkristof@interaccess.com in forum comp.dcom.xdsl
    Replies: 0
    Last Post: 06-21-09, 11:51 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •