All the latest UK technology news, reviews and analysis
|
|
|
23 Nov 2009
Users of jail-broken iPhones are being warned of yet another piece of malware after the discovery over the weekend of a worm with the ability to steal online banking credentials.
The new 'Duh' malware is likely to be based on the original Ikee worm which was spread a couple of weeks ago by a young hacker in Australia. Both target jail-broken iPhones with OpenSSH installed and the default password intact.
However, security experts have warned that its characteristics are much more malicious, and that hackers are likely to continue to propagate such malware if they can make money from it.
"It is much more serious than Ikee because it is not limited to infecting iPhone users in Australia, and communicates with an internet 'control and command' centre, downloading new instructions and effectively turning your iPhone into part of a botnet," said Sophos senior technology consultant Graham Cluley.
"Furthermore, it appears to be designed to steal information from users of online banking services."
Cluley's colleague at Sophos, Chester Wisniewski, added that the worm appears to be attacking IP ranges from a larger range of internet service providers. He recommended users to restore their phones to the Apple-supplied firmware, or think about choosing a different phone.
"If you want freedom of application choice, perhaps you should consider an Android-based phone rather than hacking your device into a potentially insecure state," he said in a blog post.
"This further demonstrates that iPhones are not ready for the business environment. Apple has made a great effort at preventing people from cracking into their software and unlocking/jail-breaking their devices, but where there is a will, there will always be a way."
Latest stories from Communications
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
V3 examines the key strengths and weaknesses of Samsung's latest iPhone killer
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
Java Developer Thomas Cook Online is the business unit...
Contract Systems Administrator, Southampton My...
PHP Web Developer required to join my market-leading...
Java Developer x2, Spring, Hibernate, Swindon, £40K...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Simple Fix
You set yourself up for disaster by not changing default passwords. To the few that never have, its a quick fix. Unless you're already infected, of course.
Posted by: reer 24 Nov 2009
More of the Personal touch
Touch Phones, impersonal banking. Why not go back to the good old honest fashion of actually going to your bank and dealing direct with a person. The safest way to bank is to go to a local branch and do your transactions there. If you do it over the net, you will be caught out. The reason Identity theft is such a huge market is because it is far too easy for computer data to be stolen. I may work with computers, and I may have loads of gadgets, but banking is done in a bank, its safer.
Posted by: Paul Wilson 23 Nov 2009
"This further demonstrates that iPhones are not ready for the business environment.".
what a stupid comment!! anything that is digital can be hacked, computers, xbox 360's, dvd players, and phones, any phone! look what happened on the so called business safe blackberry a few months back, the chinese were able to install spyware through an over the air update! its the current world we live in get over it.
Posted by: Adam Oram 23 Nov 2009