
Malicious iPhone worm discovered

Worm detected that can steal SMS history and banking authentication details from iPhones

The worm targets jailbroken iPhones where the default password has not been changed.

The first malicious worm targeting the iPhone has been detected in the wild, according to security experts and internet service providers.

Researchers have confirmed that the new worm, which only affects iPhones that have been 'jailbroken', is able to steal private information from the phone and connect back to a command server to run additional commands.

The worm follows instances of iPhone 'Rickrolling' first seen two weeks ago, in which a worm installed pictures of 80s singer Rick Astley. The new worm follows the same attack path: it targets jailbroken phones that run OpenSSH and still use the default Apple password, and accesses the iPhone remotely over the SSH protocol. It is, however, the first worm detected with a malicious payload.

The worm is able to steal SMS history and attempts to find mobile transaction authentication numbers, which are used for some SMS banking services. It also connects to a master server and changes the root password for the device, making it harder to remove, and tries to spread itself to other iPhones by searching several IP ranges.

iPhone handsets that have been infected by the worm will usually have much shorter battery life, because the worm's attempts to connect to wi-fi networks drain the battery.

Jailbroken iPhones are phones that have been unlocked to run applications and services not approved by Apple. The jailbreaking software usually installs OpenSSH, leaving the phone vulnerable if the user does not change Apple's weak default password.

Dutch ISP XS4ALL, one of the first companies to report the worm, issued an advisory: "A number of customers with jailbroken phones have been found running unknown software on their phones which is trying to compromise other iPhone users at other telecommunications providers. XS4ALL strongly advises caution against jailbreaking if you are not fully aware of the potential risks to your privacy and security."
