A Dangerous New Worm Affecting Apple iPhone and iPod

This is the second worm found in the wild which is targeted specifically at the Apple iPhone and iPod Touch.  It is the first one which security company Sophos rates as a serious and malicious threat.  It has been reported on the Sophos blog and on CNet News.


Most iPhone and iPod Touch users will not be affected.  That’s because this exploit attacks jailbroken iPhone and iPod Touch devices only.  Jailbreaking, which has been around for about two years, is a hack that enables iPhone and iPod Touch users to download applications unavailable through Apple’s App Store.  That means most of you who read my blog are safe.  But if you have a seriously nerdy teenager at home who is addicted to their iPhone or iPod, there is a good chance they have installed some bootleg software, thereby leaving them exposed to this threat.


This worm uses command-and-control like a traditional PC botnet. It configures two startup scripts: one to execute the worm on boot-up, and the other to open an HTTP connection to a Lithuanian server to upload stolen data and cede control to the bot master.


This worm can spread from one device to another.  When an infected device is hooked up to a WiFi connection, the worm can spread more quickly to more IP addresses than on a typical 3G connection.


In August 2007, I wrote a blog post entitled “The iPhone is All the Rage — But Is It a Good Tool for Attorneys?” in which I questioned the premature use of this device in a law firm environment due to security issues.  According to Sophos, my prediction is very true.  They write:


“It does not appear that iPhones are able to report back any sort of status information, so there is no way to securely use them in an enterprise environment. If an infected phone is also connected to your MS Exchange, WiFi, or VPN environment, all of your confidential data could be at risk. . . . This further demonstrates that iPhones are not ready for the business environment.”


The recommended method to remove this malware from an iPhone is to restore the Apple factory firmware using iTunes.


To be fair, and to scare the heck out of the rest of the smartphone world, BlackBerry is also susceptible to malicious infection.  Read this blog post on Sophos.



