LT Panel
RT Panel
Sunday | December 11, 2016
Popular Review Links:
Botnet worm targets iPhone

Botnet worm targets iPhone

If you own a jailbroken iPhone you may already be aware that a brand new, and potentially more dangerous version of the recent iPhone worm is currently on the rampage.

Recently a Dutch cracker was in the news for holding jailbroken iPhones to ransom, demanding payments of 5 euros to secure the device against illegitimate use. Unfortunately this concept has taken a new twist with another Dutch cracker apparently involved.

Anti Virus company Sophos have listed new reports from Dutch ISPs showing a high level of traffic coming from iPhone users, specifically scans aimed at port 22, the TCP port used by the Secure Shell Service (SSH) which allows users to log onto their jailbroken iPhones.

Product image

Using a method similar to the original attack the new version of the worm is considerably more dangerous as it latches onto Apple Iphones and Touch devices and pairs them up with a botnet located in Lithuania while changing the default SSH password to make it very hard to remove. Before the control of the iPhone is passed to the botnet server however, the worm uploads personal information on the handset including two factor authentication SMS mTANs used by online banks – then it scans for other insecure iPhones so it can spread. According to one infected user we spoke with “I realised my iPhone was infected when my battery life was being reduced significantly and my phone was not old so I knew something was going on.”

The problems are significantly worse when factoring in that removing the worm is very difficult and some users are even returning to the default locked down operating system via itunes to protect their phones. Other alternatives include changing the default SSH password or just disabling the SSH service completely, immediately after performing the jailbreak.

About Author

Stuart Davidson

It appears you have AdBlocking activated

Unfortunately AdBlockers interfere with the shopping cart process

To continue with the payment process can we ask you to

deactivate your AdBlocking plugin

or to whitelist this site. Then refresh the page

We thank you for your understanding


Hardwareheaven respect you right to employ plugins such as AdBlocker.
We would however ask you to consider whitelisting this site
We do not allow intrusive advertising and all our sponsors supply items
relevant to the content on the site.

Hardwareheaven Webmaster