iPhone Worm Targets Bank Customers
Another iPhone worm has hit another country, once again targeting jailbroken versions of the smartphone.
Security company F-Secure have uncovered the latest worm languishing this time in Dutch models.
Australian iPhone owners were Rick Rolled a fortnight ago thanks to the ikee programme but this new virus targets users who bank with Dutch online bank ING.
The handsets at risk are those jailbroken models and ones with SSH (secure shell) installed.
SSH allows other programs to remotely connect to an iPhone which is commonly used to transfer files.
It comes with a default password, “alpine” which users should change immediately.
Only users who have installed SSH and not changed the password are at risk.
The new worm is more serious as it enables the phone to be accessed or controlled remotely without the owner’s permission.
The virus redirects ING bank customers to a lookalike site with similar log-in screen.
“It’s fairly isolated and specific to Netherlands but it is capable of spreading.” F-Secure research director Mikko Hypponen told the BBC.
He also added that infected phone numbers are believed to be in the hundreds rather than thousands yet the worm can jump from phone to phone among owners using the same Wi-Fi spot.
Creator of the ikee programme which hit Australian phones, Ashley Towns, claims he wrote the virtually harmless program to raise the issue of iPhone security but the new worm appears to have heightened repercussions compared to a mere Rick-Rolling.
Like Ikee worm, this new kind of malware affects only jail broken iPhones which have SSH installed and have not changed the default password.
Once the worm is executed, it connects to a control-center located in Lithuania and its main malicious action is to try to steal information from the mobile device to report to the hacker center).
Fortunately the worm is not widespread but users owning mobile devices, like iPhones should be very careful of this new threat.
Where you can, try and avoid running a “jail breaking” process on your mobile device. Jail breaking tools generally install a software program called OpenSSH, which allows you to control your device remotely and therefore can be controlled by third-parties as well as yourself, thus allowing for vulnerability and control of your device.
In order to avoid such problems, it is advisable to avoid installations of applications not approved by Apple.
Rossano Ferraris, CA ISBU Research Team