Monday, 30 November 2009

Virus in Netherlands hits disarmed iPhones

Hackers have built a virus that attacks Apple’s iPhone by secretly taking control of the device through its internet connection, according to security experts.

1 comment:

Guanyu said...

Virus in Netherlands hits disarmed iPhones

Reuters in Boston
25 November 2009

Hackers have built a virus that attacks Apple’s iPhone by secretly taking control of the device through its internet connection, according to security experts.

The virus had been detected in the Netherlands and could only attack iPhones whose users had disabled some pre-installed security features, analysts monitoring the progress of the virus said.

The hackers are trying to use the virus to obtain passwords to banking sites, according to Graham Cluley, a researcher with anti-virus software maker Sophos.

When an iPhone user tried to access a bank website, the Duh worm directed the browser to a look-alike site controlled by the hackers, Cluley said.

A spokeswoman for ING Groep said the Dutch banking giant discovered a criminal network that had attempted to steal banking credentials through hacked iPhones.

Dutch clients of ING had been targeted, but there was no indication clients outside the Netherlands had to worry, she said.

ING had not received any reports from clients that their credentials had been lost but the bank was monitoring client accounts for suspicious transactions, she said.

The only iPhones that were vulnerable to the Duh worm were “jailbroken” phones, where the users had disabled key Apple security features to get around the terms-of-usage agreement they were designed to enforce, analysts said.

For example, Apple prevents users from switching service providers to unauthorised carriers and limits users to the roughly 100,000 programs it has vetted for installation on the device. There are thousands of unauthorised programs covering areas including internet telephone calls, WiFi access and pornography.

“The vast majority of customers do not jailbreak their iPhones, and for good reason. These hacks not only violate the warranty; they will also cause the iPhone to become unstable and not work reliably,” said Apple spokeswoman Natalie Harrison.

Three independent security experts said it was best for iPhone users not to jailbreak their devices, because the security risks were greater than the benefits.

“They’re leaving their back door open. Every one else knows what the key is to open that door,” Cluley said.

The ING spokeswoman said: “People who use their iPhones in a regular way have nothing to fear.”

The case is the first in which iPhones have been recruited into a “botnet,” or army of infected devices that hackers can control from a central command and control centre.

Early this year, an unknown criminal gang built a botnet with millions of computers using the worm Conficker. Security researchers feared it might wreak havoc on April 1 but that date passed with little fanfare.

Since then, security researchers say a limited number of Conficker-infected computers have been used to spread spam, sell fake anti-virus software and perpetrate identity theft.

Mikko Hypponen, an expert on Conficker and the chief research officer for security software maker F-Secure, said Duh could spread from the Netherlands to other countries.

The hackers who wrote Duh were looking for a pay-off from their work, he said. “It’s clearly written to make money. That’s a first on the mobile side,” Hypponen said.