Intego spotted another piece of malware that attacks iPhones. Intego identifies and named the malware iPhone/Privacy.A, takes advantage of the same vulnerability in the iPhone as the ikee worm. We need to clarify that all these worms/hacks/malware can infect only those jailbroken iPhone whose SSH was turned on with the default root:alpine configuration. That doesn’t means all jailbroken iPhones are in the range of attack. A little workaround to change the default password can make safe your iPhone as normal. We published a guide to change your default password of SSH, if you missed then check Secure Your Jailbroken iPhone and Change your Default Password.
iPhone/Privacy.A : First Malicious iPhone Malware Detected
When connecting to a jailbroken iPhone, this tool allows a hacker to silently copy a treasure trove of user data from a compromised iPhone: e-mail, contacts, SMSs, calendars, photos, music files, videos, as well as any data recorded by any iPhone app. Unlike the ikee worm, which signals its presence by changing the iPhone’s wallpaper, this hacker tool gives no indication that it has invaded an iPhone.
Hackers using this tool will install it on a computer – Mac, PC, Unix or Linux – then let it work. It scans the network accessible to it, and when it finds a jailbroken iPhone, breaks into it, then steals data and records it.
This hacker tool could easily be installed, for example, on a computer on display in a retail store, which could then scan all iPhones that pass within the reach of its network. Or, a hacker could sit in an Internet café and let his computer scan all iPhones that come within the range of the wifi network in search of data.
Hackers could even install this tool on their own iPhones, and use it to scan for jailbroken phones as they go about their daily business. Intego VirusBarrier X5 detects and eradicates this program on Macs, and identifies it as iPhone/Privacy.A. While it is not possible to protect the iPhone from this hacker tool – it does not install anything on an iPhone – VirusBarrier X5 can ensure that Macs, especially in businesses, are protected from this hacker tool being installed.