Graham Cluley’s blog

According to The Register and others, a tool which allows hackers to break into jailbroken iPhones and steal information has been discovered.

Following closely in the footsteps of the first iPhone worm (known as Ikee) which hunted for jailbroken iPhones running SSH which were still using the default password of "alpine", the hacking tool reportedly allows criminals to steal emails, contacts, calendars and other data stored on the device.

Sophos has not yet received a sample of the hacking tool, which was first reported by French Mac security company Intego. David Harley of ESET reports that the tool is in reality a script written in Python - meaning it can be run on a variety of different platforms. In other words, a hacker could run the script on his Mac or Windows or Linux computer to try and find vulnerable iPhones.

It's important to recognise that the tool (dubbed iPhone/Privacy.A by Intego) is not a virus or a worm, and can not spread under its own steam. Nevertheless the advice remains the same - if you are going to tinker and jailbreak your iPhone, make sure you also change its default password to something other than "alpine".

Posted on November 11th, 2009 by Graham Cluley, Sophos
Filed under: Apple, Data loss, Malware, Mobile

                                         

Windows 7 security - A great leap forward or business as usual?

Related posts

• Hacked iPhones held hostage for 5 Euros
• Worm author tells media he initially infected 100 iPhones
• First iPhone worm discovered - ikee changes wallpaper to Rick Astley photo
• Microsoft's COFEE forensic tool leaks onto the web
• Hacking into mobile phone voicemail systems