Subscribe to RSS feeds


Jan9
by Macky Cruz (Technical Communications)

Sure, the iPhone has topped Time’s Magazine’s Top 10 Gadgets of the Year, but that doesn’t mean it is safe from the reach of digital threats.

Already this New Year brings with it a new, albeit minor, annoyance for the legions of Apple iPhone users that have already weaned into their new phones for their everyday use.

The culprit? A bored eleven-year-old.

But before that, let’s recap.

It would appear that everyone is always oh-so-eager to point out holes in the whatever the celebrated gadget of the year seems to be, even when it first appears in the consumer space.

When it comes to the iPhone, some threats have been incidental to the hype, but yet some reports appear to have real teeth in terms of becoming legitimate iPhone threats (like the zero-day flaw in Safari as confirmed by our researchers, and the Wi-Fi woes illustrated in an entry last July).

Several security concerns may have followed closely on the heels of the iPhone craze, but who would have thought that an eleven-year-old would lay claim to authoring the first malicious application for the iPhone.

The offending application— which is really more of a nuisance than an actual attack— comes in the form of a downloadable application package purporting to be an important system update.

{iPhone Trojan package}

Once installed, it doesn’t appear to do anything except take up 90kb of the unit’s memory (at least upon initial analysis).

If the user decides to uninstall the package, however, the offending code also deletes other application files related to programs in the same directory.

As of this writing, the modmyifone thread on this issue has identified four applications that could be corrupted by uninstalling this tiny app, namely Erica’s Utilities, OpenSSH, Launcher, and Doom. The reason behind this, according to the programmer of some of these applications, is that the malicious program is just a slightly modified version of the originals: so if you install it, it overwrites the program files if they are already existing, and if you uninstall it, you inadvertently uninstall the said files, too.

Simple, really — but a potent vector for malware authors out to do more than just a little XML-tinkering.

Herein lies the catch for iPhone users who demand the freedom to modify their phones — ‘modded’ iPhones apps allow hackers to FUBAR your phone.

The link from which this Trojan can be downloaded is now down. But be assured — there will most certainly be more.



This entry was posted on Wednesday, January 9th, 2008 at 11:36 pm and is filed under News . Responses are closed, but you can trackback from your own site.



Comments are closed.


A Port-Hiding Rootkit
First Patch Tuesday for 2008


 
TrendWatch Hijack This Security Tips for Consumers
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
Glossary of Threat Terms

 
© Copyright 2008 Trend Micro Inc. All rights reserved. Legal Notice