The virus spreads via ssh using the iphone's default password of 'alpine'. Normally ssh access is not available on a standard iphone, but enabling access is a requirement of jailbreaking the iphone to get around restrictions placed on the device by Apple.This comes hot on the heels of a ransonware scam with a dutch hacker holding jailbroken iphones 'hostage' for €5 which uses the same method to gain access to jailbroken phones. (The dutch hacker has since apparently stopped asking for money and has now provided instructions on how to undo his changes).
Does this represent a big security hole for Apple? Not really, as both attacks only affect jailbroken iphones. If you are jailbreaking an iphone, or modifying any device against the manufacturer's instructions, then the onus of providing a secure device has passed from the manufacturer to the end user - something which most end users probably don't think about.
While both 'hackers' have claimed the release of their viruses was a educational 'wake up call' for users with jailbroken iphones to ensure they change their default passwords, the simplicity of the attacks could mean something more sinister is on the horizon.
The pair of them may be in hot water as even a relatively harmless change like rickrolling can have unintended legal consequences (the attempted extortion from the dutchman aside).
If you have a jailbroken iphone, change the default password asap!
*edit* I just came acoss this post from Sophos which has a screenshot of some of the virus source code:
Posts
0 comments:
Post a Comment