First Malicious Worm Hits the iPhone

19

Comments

+ Add a Comment
avatar

Khaled

It's like having a Linux system with a blank root password. Should we blame the OS or the user?

avatar

Caboose

 Blame the user. It's your responsility to secure your OS. Just like if you leave your house or car unlocked, and someone steals stuff, you can't hold the car company or house manufacturer responsible for your fault.

 

-= I don't want to be dead, I want to be alive! Or... a cowboy! =-

avatar

Caboose

 Dear Apple Users;

This just proves that Apple products are NOT immune to people with malicious intent. Windows is attacked more often because it is the most widely used OS on the market. iphones have the spotlight when it comes to "Smart" phones. And when YOU don't take steps to protect yourself, this is what happens.

I hope you learn your lesson, but I'd bet a year's paycheque that, that will never happen!

Yours Truely,

A Secured Windows User.

P.S. Notice I didn't use the term "PC"? That's because a Mac is a computer, and when it's used for personal use, it's a personal computer, thus Macs fall in to the PC category.

 

-= I don't want to be dead, I want to be alive! Or... a cowboy! =-

avatar

Jox

If you walk without rhythm...

 

-Jox

avatar

nsk chaos

apple get pwnd!

avatar

Righteous Fury

I don't know about you guys, but that Droid just keeps getting sexier... especially since a friend of mine saw my wife looking at them over the weekend... I can't wait to open my presents!!!

avatar

aviaggio

Wait... so the recommended fix is for all jailbroken iPhones to be un-jailbroken??? Kinda makes them useless then, no? Unless of course Apple hijacked the worm and let it loose just so it could stop jailbroken iPhones from working. I wouldn't put it past Jobs for a second.

Anyone else smell dogsh*t here???

avatar

Khaled

No, the solution is: CHANGE THE ROOT PASSWORD...

 

Root btw is the Administrator account in unix/linux based systems. 

avatar

nekollx

 So what? This http://www.maximumpc.com/article/news/first_virus_hits_jailbroken_iphone

isn't considered what

Malicious?

A Worm?

First?

------------------------------
Coming soon to Lulu.com --Tokusatsu Heroes--
Five teenagers, one alien ghost, a robot, and the fate of the world.

avatar

Paul_Lilly

This is the first (known) malicious worm to hit the iPhone. Whereas the previous one hit jailbroken iPhone users with a Rickroll, this one acts like a botnet and is redirecting some online banking customers to lookalike websites. BBC News actually has a pretty good read on this one, found here.

-Paul Lilly

avatar

nekollx

 so again why is this "first"

Both previous cases were jailbroken iPhone, just like this one.

Why does this get to be "first" for the 3rd time.

------------------------------
Coming soon to Lulu.com --Tokusatsu Heroes--
Five teenagers, one alien ghost, a robot, and the fate of the world.

avatar

Paul_Lilly

First malicious worm, not the first worm.

-Paul Lilly

avatar

nekollx

 But it's not the first or new. It's the EXACT SAME exploit in the SSH root as the other two. Only a new application. There is NO difference between this injection vector and the past 2 cases. So it  can't be "the first"

Look my concern is the messange this sends to people not keeping up. "oh it's only the first one, it's not wide spread."

But their's been 3 seperate attacks, malisious or not, 3 different people used the same exploit. saying "the first" devalues the danger present

 

------------------------------
Coming soon to Lulu.com --Tokusatsu Heroes--
Five teenagers, one alien ghost, a robot, and the fate of the world.

avatar

mesiah

Your splitting hairs. I don't know if you are doing it because you are truly stuck on the fact that the vulnerability itself has been used before, or if you are doing it just to be a douche bag. The headline of the article is 100% correct. The argument you are making is the same argument that AT&T is trying to make to stop the "there's a map for that" commercials. You are inferring that the average person is too stupid to realize the difference between "the first attack" and "the first malicious attack" The first paragraph of the article clearly states that this is not the first occurrence, but merely the first time it has been used to cause real harm. Whether or not you like the headline doesn't matter, it is fact, and I don't believe it was meant to be misleading, merely eye catching.

avatar

nekollx

 and the first paragraph covers only 1 of the 2 attacks. And this is nothing like ATT. They say "well we have EDGE" I'm saying, "the exact same vunerability was exploted TWICe before" and yet everytime there is a article about this EXACT SAME injection vector it's being called "the first" which sets a image to those not tracking everything that "Oh it's not so bad, just one guy" when it facts its /3/ guys exploiting the flaw.

 

By that logic their only what 15 virus on PC in the wild, i mean if any instace of a injection vector counts under the "the first" then there are only x virus = injection vector, their's no such thing as multiple viru using the same vector, nope. All the same.

------------------------------

Coming soon to Lulu.com --Tokusatsu Heroes--
Five teenagers, one alien ghost, a robot, and the fate of the world.

avatar

Paul_Lilly

You're right, the exploit itself  is not new (well, it's kind of new, in that it was recently discovered), but the worm (or "application") is the first malicious use of the exploit. I see what you're saying, but the title is still correct regardless if jailbroken iPhone users do their research or not. And on that latter point, we kind of cover that in the first paragraph.

-Paul Lilly

avatar

lancethepants

Try reading the article and looking at their posted links

http://www.sophos.com/blogs/chetw/g/2009/11/21/malicious-iphone-worm-loose/

avatar

GFC

As if lithuania wasnt known for shit like that - they still manage to embarrass me in front of the internet. Yea, way to go guys.. <.<

And em.. if you can - don't start blockin' all the LT Ips, yea.. i really <3 maximum pc x}

avatar

LVmonkey

"The recommended fix is to restore jailbroken iPhones to the current Apple-supplied firmware. "

Or, as the author of the worm has suggested...change the default password of your ssh to something other than the default.    ---which is to say there may have been a reason behind you jailbreaking it in the first place and the worm was made specifically to show people that they need to get on that default password for ssh thing.

Log in to MaximumPC directly or log in using Facebook

Forgot your username or password?
Click here for help.

Login with Facebook
Log in using Facebook to share comments and articles easily with your Facebook feed.