All the latest UK technology news, reviews and analysis
|
|
|
23 Nov 2009
Users of jail-broken iPhones are being warned of yet another piece of malware after the discovery over the weekend of a worm with the ability to steal online banking credentials.
The new 'Duh' malware is likely to be based on the original Ikee worm which was spread a couple of weeks ago by a young hacker in Australia. Both target jail-broken iPhones with OpenSSH installed and the default password intact.
However, security experts have warned that its characteristics are much more malicious, and that hackers are likely to continue to propagate such malware if they can make money from it.
"It is much more serious than Ikee because it is not limited to infecting iPhone users in Australia, and communicates with an internet 'control and command' centre, downloading new instructions and effectively turning your iPhone into part of a botnet," said Sophos senior technology consultant Graham Cluley.
"Furthermore, it appears to be designed to steal information from users of online banking services."
Cluley's colleague at Sophos, Chester Wisniewski, added that the worm appears to be attacking IP ranges from a larger range of internet service providers. He recommended users to restore their phones to the Apple-supplied firmware, or think about choosing a different phone.
"If you want freedom of application choice, perhaps you should consider an Android-based phone rather than hacking your device into a potentially insecure state," he said in a blog post.
"This further demonstrates that iPhones are not ready for the business environment. Apple has made a great effort at preventing people from cracking into their software and unlocking/jail-breaking their devices, but where there is a will, there will always be a way."
Latest stories from Communications
Related articles
Related jobs
Poll
What will be the biggest change to corporate technology in the future?
TFL director of Games transport Mark Evers discusses how the public transport network is preparing for this summer's event
Connect with V3.co.uk
The wrong printers, for the wrong tasks on the wrong contracts
Who leads the BI pack and who should we be watching out for?
Customer Insight Analyst- SAS/ SQL/ SPSS Key Words...
Java Deveoper/Programmer/Software Engineer, Algo Trading...
C#, WPF, Silverlight, UI Development, Software Engineers...
Java, Scala, Python, Software Engineer, Architect, Developer...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Simple Fix
You set yourself up for disaster by not changing default passwords. To the few that never have, its a quick fix. Unless you're already infected, of course.
Posted by: reer 24 Nov 2009
More of the Personal touch
Touch Phones, impersonal banking. Why not go back to the good old honest fashion of actually going to your bank and dealing direct with a person. The safest way to bank is to go to a local branch and do your transactions there. If you do it over the net, you will be caught out. The reason Identity theft is such a huge market is because it is far too easy for computer data to be stolen. I may work with computers, and I may have loads of gadgets, but banking is done in a bank, its safer.
Posted by: Paul Wilson 23 Nov 2009
"This further demonstrates that iPhones are not ready for the business environment.".
what a stupid comment!! anything that is digital can be hacked, computers, xbox 360's, dvd players, and phones, any phone! look what happened on the so called business safe blackberry a few months back, the chinese were able to install spyware through an over the air update! its the current world we live in get over it.
Posted by: Adam Oram 23 Nov 2009