Stealth malware steals jailbroken iPhone data

A new variant of stealth malware designed to steal data from jailbroken iPhones has been positively identified as Privacy.A.?? According to Intego, Privacy.A exploits the same vulnerability as the recently discovered Ikee worm by accessing jailbroken iPhones via a default root password.

“When connecting to a jailbroken iPhone, this tool allows a hacker to silently copy a treasure trove of user data from a compromised iPhone: e-mail, contacts, SMSs, calendars, photos, music files, videos, as well as any data recorded by any iPhone app,” Intego confirmed in an official blog post.

“[However], unlike the Ikee worm, which signals its presence by changing the iPhone’s wallpaper, this hacker tool gives no indication that it has invaded an iPhone.”

Intego also warned that the back-end of Privacy.A can be “easily” installed on a variety of operating systems, including OS X, Windows and Linux.
“A computer on display in a retail store could [then] scan all iPhones that pass within the reach of its network. Or, a hacker could sit in an Internet café and let his computer scan all iPhones that come within the range of the wifi network in search of data. Hackers could even install this tool on their own iPhones and use it to scan for jailbroken phones,” added Intego.

See Also

?Rickrolling worm infects jailbroken iPhones
Apple plans iPhone lockdown
Hacker jailbreaks iPhone 3GS with blacksn0w crack
iPhone jailbreakers held hostage