Monday, November 23, 2009

Second worm to hit the iPhone-on yougestindia.blogspot.com

A second worm to hit the iPhone has been unearthed by security company F-Secure.
It is specifically targetting people in the Netherlands who are using their iPhones for internet banking with Dutch online bank ING Direct.
It redirects the bank's customers to a look-a-like site with a log-in screen.
The worm attacks "jail-broken" phones - a modification which enables the user to run non-Apple approved software on their handset.
The handsets at risk also have SSH (secure shell)installed.
SSH is a file-transfer program that enables users to remotely connect to their phones. It comes with a default password, "alpine" which should be changed.


Users who have installed SSH and not changed the password are especially at risk.
The new worm is more serious than the first because it can behave like a botnet, warns F-Secure.
This enables the phone to be accessed or controlled remotely without the permission of its owner.
"It's the second iPhone worm ever and the first that's clearly malicious - there's a clear financial motive behind it," F-Secure research director Mikko Hypponen told the BBC.
"It's fairly isolated and specific to Netherlands but it is capable of spreading."
He added although the number of infected phones was thought to be in the hundreds rather than thousands, the worm could jump from phone to phone among owners using the same wi-fi hotspot.
A spokesperson for ING Direct said that a warning was going to be put on the bank's official website.
"We are also briefing call centre personnel," she added. "It's important to remember that the worm only affects jail-broken phones and it is only aimed at customers in the Netherlands."
The first worm, called ikee, was harmless. Users with infected phones found their wallpaper replaced with a picture of 1980s popstar Rick Astley.
It also targeted jail-broken phones with SSH enabled.
Its creator Ashley Towns said he wrote the ikee program in order to raise the issue of iPhone security.

No comments:

Post a Comment

type='text/javascript'/>