Another iPhone worm exposed

Posted Nov 23, 2009 by Tylor Sweeney
A new iPhone worm has been exposed, and unlike the last reported worm which just changed a jailbroken iPhone's wallpaper to a picture of Rick Astley of "Rickrolling" frame, this one is serious: it allows hackers to steal sensitive information.
Apple iPhone 3G
Apple iPhone 3G
According to Sophos, a security firm who wrote about the exploit after a Dutch ISP discovered it late last week, this worm affects jailbroken iPhone and iPod Touch devices only.
The worm "uses command-and-control, like a traditional PC botnet," Sophos wrote in the post. "It configures two startup scripts, one to execute the worm on boot-up, and the other to create a connection to a Lithuanian server to upload stolen data and cede control to the bot master."
The worm attacks devices on several ISPs, and works faster over Wi-Fi connections than 3G. One notification that a device is infected is extremely short battery life over Wi-Fi connections.
When a device is infected, it's assigned a unique number so that the attackers can easily pinpoint a single device. It also looks for authentication systems that use SMS, better known as mTANs. mTANs are frequently used by banks that send an SMS message with a password to mobile phones, allowing people to log in to their online accounts, Sophos wrote.
Sophos recommends that anyone with an infected iPhone/iPod Touch or anyone with a jailbroken phone wanting to avoid this worm restore their device back to Apple's latest firmware. For now, that is the only solution to this serious threat.