If you didn't heed previous warnings to secure your jailbroken iPhone, you may be in for some serious trouble. Computer security firm Intego has identified the first known truly malicious code which targets jailbroken iPhones with default root passwords.
The latest in a string of recent attacks, iPhone/Privacy.A uses a technique similar to previous hacks. The malware scans for phones on a given network with an open SSH port, then attempts to log in using the default root password that is the same on all iPhones. Unlike the previous versions, which merely replaced the wallpaper image to alert users that they have been cracked, the new version silently copies personal data—"e-mail, contacts, SMSs, calendars, photos, music files, videos, as well as any data recorded by any iPhone app." It then sends the data back to the machine running the software.
No comments:
Post a Comment