iPhone Worms Move From Harmless (Rickroll) to Nasty (Stolen Bank Info)

By Andrew Moseman | November 26, 2009 11:59 am

iphone-webIt started off innocently enough, with a Rickroll—when the first iPhone worm turned up in Australia two weeks ago, it changed its victim’s wallpaper to a portrait of “Never Gonna Give You Up” signer/Internet sensation Rick Astley. But now iPhone worms have turned malicious.

But by this week, some iPhones were victimized by the “Duh” worm, which steals personal banking info. Like the rickrolling original, the new malicious code targets only jailbroken iPhones—those on which that the owner has circumvented the Apple operating system to hack the phone. It is specifically targeting people in the Netherlands who are using their iPhones for internet banking with Dutch online bank ING. It redirects the bank’s customers to a lookalike site with a log-in screen [BBC News]. An iPhone could spread the worm to others that use the same wi-fi hotspot.

As for Apple’s response to the growing iPhone threats? Don’t hack your phone, genius. Apple spokesperson Natalie Harrison says, “As we’ve said before, the vast majority of customers do not jailbreak their iPhones, and for good reason. These hacks not only violate the warranty, they will also cause the iPhone to become unstable and not work reliably” [The Loop].

Only a small percentage of iPhone users hack the device, so relatively few people are susceptible to this latest attack. Yet some researchers say the worm confirms that attacks against mobile users are evolving, and that cybercriminals are targeting the personal and financial information kept on portable devices. The ability to communicate with a central command-and-control server–a characteristic more commonly associated with hijacked PCs–also makes such software more dangerous [Technology Review].

Related Content:
80beats: Sorry, Australian iPhone Users: You’ve Been Rickrolled
80beats: AT&T and Verizon Wireless Take Their Cat Fight to Court
Discoblog: Weird iPhone Apps, our compendium of the strangest things to do with your smartphone.

Image: flickr / William Hook

MORE ABOUT: hackers, iPhone
  • http://clubneko.net Nick

    What I really don’t get is how the worm functions in the first place – are these jailbroken iPhones users turning off all the built-in security? Does Apple recognize jailbroken phones and instead of turning them off, opens them up for attack? Is it getting in through holes in non-approved applications?

    I mean, Apple’s always going on in commercials about how virus and hacker proof OSX is, and the iPhone runs a version of OSX…. Macs are not sealed up like an iPhone, they’re basically ‘jailbroken’ from the terms of security an iPhone has vs. regular OSX…. so how does jailbreaking the iPhone open it up to attacks over WiFi that wont harm a regular Mac?

  • FIl

    1. The point of jailbreaking a iPhone is to allow it to run unauthorized apps. Clearly the fact that it can run unauthorized apps now IS the security hole.

    2. OS X isn’t invincible, viruses aren’t as widespread on it; doesn’t mean there aren’t any.

    3. Just because OS X and iPhone OS have the same foundation doesn’t make them equivalent; you can’t just run an OS X app on an iPhone.

  • Cory

    Lol, because possibly falling pray to a pretty transparent scheme is a good reason to accept Apple’s clenching-hold on your.. hair.

  • Brandon

    How this worm functions in the first place is the exact same way the first harmless one did. One thing in common with all jailbroken iPhones is that SSh is enabled; which provides remote access to the iPhone’s file system. SSh enabled isn’t the whole reason to why all jailbroken iPhones are at risk, its actually due to the fact that all jailbroken iPhones with SSh enabled, have the same default password that is used to access the iPhone’s file system. This vulnerability can easily fixed, you disable SSh on your iPhone, and/or you can change this root password to anything you want, locking out any worm. Of course anyone with concerns about the worm, should already know how to do these things to protect themselves. Unless of course you paid someone to unlock it for you, if so then shame on you. Its as easy as pressing a button to jailbreak your iPhone. The main reason of doing so is of course the availability to install apps that weren’t approved by apple.

  • Fatkid

    I am the president of a non-profit called Some Users Cell’s Keep Everything Readily Seen, or S.U.C.K.E.R.S. To join, most of you don’t have to change a thing. Often times membership is for life and can be handed down for generations!

  • http://www.wifirobinstore.com/ hack wifi

    This wireless adapter works with GNU/Linux, out of the box and without the need for proprietary drivers. Exactly what I wanted!


Discover's Newsletter

Sign up to get the latest science news delivered weekly right to your inbox!


80beats is DISCOVER's news aggregator, weaving together the choicest tidbits from the best articles covering the day's most compelling topics.

See More

Collapse bottom bar