New iPhone worm spreads further, creates mobile botnet

The worm-ridden iPhone has just turned more rotten, with a new virus spreading from Australia and infecting iPhones in the Netherlands, Hungary, Portugal and Brazil, affecting thousands.

"After the 5 euro idiot, Ikee with Rick Astley and Intego’s privacy, this worm is doing really bad things," said Scott McIntyre, Security Officer for XS4ALL Internet BV.

The new worm can steal data, connects to its creators (apparently using a server in Lithuania) and gives them complete control over the phone.  The worm also searches the SMS database, possibly for bank codes and installs itself in the start-up script.  It then initiates a search for other vulnerable iPhones on the same network to spread itself further, often draining the iPhone battery in the process.

While this worm takes advantage of the default password SSH vulnerability in jaibroken iPhones, the attacks have obviously increased significantly in sophistication, making it likely that it will not be long before hackers take advantage from other vulnerabilities in the OS.  The main saving grace is however that the iPhone OS, which was originally hackable simply by viewing an image in the browser, has been significantly hardened by Apple’s constant battle with the Jailbreaking community, a process which Apple has called illegal and which may ultimate rob iPhone users from being able to customize or multi-task on their devices.

Read more at Security.nl here.

Via Allaboutphones.nl