iPhone worm attacks jailbroken iPhones with default password - Ars Technica
Change your passwords, or shut off Open SSH with SBS Settings...
The first known malware worm for the iPhone is targeting jailbreakers running SSH and default root passwords, "rickrolling" vulnerable iPhones by replacing the wallpaper image with an image of 90s pop star Rick Astley. The image also includes a boast that hacker "ikee" is "never gonna give you up." While the hack is apparently harmless, it serves as another reminder of the potential security vulnerability that jailbreaking can cause.Unlike the hack we reported last week, this malware can spread itself to other vulnerable devices that are accessible to an infected phone. The worm scans the network, looking for jailbroken phones with an open SSH port and attempts to use the default passwords. At least four variants exist in the wild, the latter of which makes an attempt to hide itself by burying the code in a filepath that looks like the path for Cydia, a jailbreak app installer.
via iPhone worm attacks jailbroken iPhones with default password - Ars Technica.
The first known malware worm for the iPhone is targeting jailbreakers running SSH and default root passwords, "rickrolling" vulnerable iPhones by replacing the wallpaper image with an image of 90s pop star Rick Astley. The image also includes a boast that hacker "ikee" is "never gonna give you up." While the hack is apparently harmless, it serves as another reminder of the potential security vulnerability that jailbreaking can cause.Unlike the hack we reported last week, this malware can spread itself to other vulnerable devices that are accessible to an infected phone. The worm scans the network, looking for jailbroken phones with an open SSH port and attempts to use the default passwords. At least four variants exist in the wild, the latter of which makes an attempt to hide itself by burying the code in a filepath that looks like the path for Cydia, a jailbreak app installer.
via iPhone worm attacks jailbroken iPhones with default password - Ars Technica.
Comments
Post a Comment