 |
 |
 |
 |
 |
 |
 |
 |
 |
|
|
News > Press Releases | ||||||||||
|
|||||||||||
INTEGO SECURITY MEMO – November
9, 2009 Exploit: iPhone/sshgate.a, iPhone/sshgate.b, iPhone/sshgate.c, iPhone/sshgate.d Discovered: November 8, 2009 Risk: Low Description: An iPhone worm, dubbed "ikee", has been found in the wild affecting jailbroken iPhones (iPhones hacked to allow installation of software other than through iTunes). The worm takes advantage of a weakness in jailbroken iPhones whereby ssh (secure shell) access is available with a widely-known default password. Users who have changed the root password are not vulnerable. Unlike what some media have reported, this is not a virus, and it does not affect standard iPhones that have not been jailbroken. While it can spread - worms spread across networks - its spread is limited by the way certain phone networks function. The percentage of users who are at risk from this worm is very small, and those who use their iPhones in the normal manner, have nothing to worry about. This worm, which was meant as a "prank", installs an image of Rick Astley as wallpaper, then turns off ssh (thereby making the "infected" phone safer), before sniffing around to try and find other phones to infect. While the worm can't infect all jailbroken iPhones - some phone networks use NAT (network address translation) that prevents direct access to an iPhone using an IP address, and others block ssh packets on their networks - the worm seems to have spread outside Australia, where it was first released. Unfortunately, since the source code of this worm has been published on several web sites, other malicious users will be able to create similar worms using the same technique. Means of protection: The best way to protect against this exploit is to change the root password for any jailbroken iPhone. If an iPhone is already infected, Intego VirusBarrier X5 can eradicate the worm. VirusBarrier X5 has been able to scan iPhones and iPod touches connected to Macs to find and eradicate malware for some time now, anticipating the arrival of such threats.
Intego develops and sells Internet security and privacy software exclusively for Macs and iOS devices. Intego provides the widest range of software to protect users and their Macs and iOS devices from the dangers of the Internet. Intego's multilingual software and support regularly receives awards from Mac magazines, and protects more than one million users in over 100 countries. Intego has headquarters in the USA, France and Japan. For further information, visit www.intego.com.
|
  |
