Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Jailbroken iPhones are threatened by another virus - but this time the malware has the potential to spread much wider, hack into online bank accounts and set up a PC-type botnet.
'Legal' iPhones are not affected.
The virus is designed to scan IP addresses for vulnerable devices on the Optus mobile network in Australia as well as UPC in the Netherlands and T-Mobile, according to the blog of Chester Wisniewski, a senior Security Advisor at Sophos Canada.
In Early November, Wollongong-based Ashley Towns released a RickRolling virus affecting Jailbroken iPhones, which he said was a joke. This latest attack seems to have more sinister intentions.
For a start, the exploit changes the default password of the iPhone, which makes it far more difficult to recover from an infection. In addition, because the handsets are connected to a botnet, the criminal controlling the phones will be able to access any information stored on the phone and continue to expand the botnet by scanning for new targets.
Wisniewski warns enterprise administrators that jailbroken iPhones now pose a threat to all corporate data and should be removed from the network.
"It does not appear that iPhones are able to report back any sort of status information, so there is no way to securely use them in an enterprise environment. If an infected phone is also connected to your MS Exchange, WiFi, or VPN environment, all of your confidential data could be at risk," he said.
Wisniewski also thinks the malware is trying to hack into online banking accounts and recommends anyone with a jailbroken iPhone to restore it to Apple's original factory settings. He suggests using an alternative OS for more app "freedom".
"If you have jailbroken your iPhone, I recommend restoring it to the current Apple-supplied firmware. If you want freedom of application choice, perhaps you should consider an Android-based phone rather than hacking your device into a potentially insecure state," he wrote.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.
