November has proved tough for jailbroken iPhone users as they twice came under attack by hackers. First one which we did warned you about was when a Dutch hacker tried to access jailbroken iPhones through SSH in his native country Netherlands. He was successful in sending totally off guarded users a message that read, "Your iPhone’s been hacked because it’s really insecure! Please visit doiop.com/iHacked and secure your iPhone right now! Right now, I can access all your files.". The second development was an attempt by an Australian who successfully injected a worm called “ikee” into jailbroken iPhones whose users forgot to change their root password for SSH. Victims of ikee virus were astonished to find their home screen background automatically changed to that of Rick Astley. ikee virus spread like a chain reaction from iPhones on one cellular network, to iPhones on other.
In the first case, the Dutch hacker regretted his action and reverted everything back, whereas in the second case, it was simply an experiment by the young Aussie whose worm ikee did not do any harm to the victims iPhone. All these attacks had one thing in common, they were targeted towards jailbroken iPhone users who were using the default root:alpine username/password combination. In our earlier post we had already recommended you all on how to secure and how to protect your iPhone against such vulnerabilities.
Previous attacks did not do much harm but this new one which is identified as iPhone/Privacy.A virus carries alot more risk. As reported by MobileCrunch, the computer security firm Intego has identified the truly malicious malware named iPhone/Privacy.A that targets jailbroken iPhones with default user/password combo and is probably the first harmful one of its kind. The virus in question gives a hacker complete access on the victim’s iPhone. The hacker can access and copy any user data from the jailbroken device, including emails, contacts, calendars, photos, SMSs, videos, in fact any data the hacker wants.
Intego explains iPhone/Privacy.A Virus in more detail as follows:
Hackers using this tool will install it on a computer – Mac, PC, Unix or Linux – then let it work. It scans the network accessible to it, and when it finds a jailbroken iPhone, breaks into it, then steals data and records it.
This hacker tool could easily be installed, for example, on a computer on display in a retail store, which could then scan all iPhones that pass within the reach of its network. Or, a hacker could sit in an Internet café and let his computer scan all iPhones that come within the range of the wifi network in search of data. Hackers could even install this tool on their own iPhones, and use it to scan for jailbroken phones as they go about their daily business.
It is highly recommended that you change your iPhone’s default SSH mobile and root password now. A complete step by step guide on how to change your jailbroken iPhone’s SSH password can be found here.