New worm can access private information and steal SMS history on jailbroken iPhones.
Dutch ISP XS4ALL reports:
There is definitely a new iPhone worm on the loose that attacks Jailbreakers. It has the potential to access your private information and steal your SMS history, as well as phone home to the bad-guys for additional commands to run.
A jailbroken iPhone is an Apple iPhone which has been hacked with special software that lets the user install software which hasn’t been approved, nor is supported, by Apple. Unfortunately, the jailbreaking process is really meant for people with a technical understanding of the process, as well as the risks.
One of the things that most of the jailbreaking tools do is install something known as OpenSSH, which is a programme that lets you remotely access your iPhone using the SSH protocol.
Normal iPhones from authorised resellers do not have this software, and by default there is no way to remotely access the phone. Unfortunately, when you combine the jailbreaking process with a very insecure default password chosen by Apple, the result can be quite damaging to the security of your phone, as well as the privacy of your data.
For the past few days XS4ALL has seen what we believe is possibly a new version of the iPhone worms which have been in the news. A number of customers with jailbroken phones have been found running unknown software on their phones which is trying to compromise other iPhone users at other telecommunications providers. We’re working with as many customers as possible to determine the exact malware responsible, but so far none of the known iPhone worms seems to be responsible.
XS4ALL strongly advises caution against jailbreaking if you are not fully aware of the potential risks to your privacy and security. If you decide to do it anyway, make sure that you follow the instructions on the Internet about how to change the default password.