| Alias/es | iPhone/Privacy.A |
| Release Date | Nov 17, 2009 |
| Detection Availability | Current Antivirus Definition Database Version: 12.196 |
| Description | Visible Symptoms
There are no visible symptoms on the victim's iPhone.
Detailed Analysis
This hacker tool steals the contacts and SMS messages from the victim's iPhone.
Your iPhone is at risk if:
- it is jailbroken and the root SSH password has not been changed from its default (alpine)
- AND it is online (connected to an operator's network) or connected to a local LAN (for example by Wi-Fi)
Technical Details
This hacker tool is written in Python, and will run on any operating system supporting Python. It also requires the installation of an additional Python module, named paramiko, to handle the SSH protocol.
The tool scans a given network (the local network by default) and tries to connect to the SSH port of each host. If the connection succeeds, the host is added to a list of potentially vulnerable hosts.
Then, for each host in that list, the tool tries to log in as root with the password 'alpine', which are the default credentials for jailbroken iPhones. If this succeeds, the attacker is now root on the victim's iPhone. To demonstrate this, the attacker then downloads (steals) the victim's SMS and contacts databases via secure FTP. The tool does not 'harm' the victim's iPhone.
Note that the attack succeeds if an attacker scans a network the victim is connected to. The attacker need not install any tool on the victim's iPhone.
|
Description Last Updated Date: Nov 18, 2009
Reference: ID - 1127255
|
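The behaviour described under Technical Details (a root password login followed by a secure FTP download, repeated across hosts) can be looked for in SSH server logs. The following is an added example for defenders, not part of the original description or of the tool; the log lines are constructed, and the stock OpenSSH syslog message format, the host names and the availability of such logs are assumptions.

```python
import re
from collections import defaultdict

# Assumed stock OpenSSH syslog layout: "<date> <host> sshd[<pid>]: <message>"
LINE = re.compile(r"^\w{3}\s+\d+\s+[\d:]{8}\s+(?P<host>\S+)\s+sshd\[(?P<pid>\d+)\]:\s+(?P<msg>.*)$")
ACCEPT = re.compile(r"^Accepted password for root from (?P<src>\S+) port \d+")
SFTP = re.compile(r"^subsystem request for sftp\b")

# Constructed sample log lines (not taken from a real device).
SAMPLE_LOG = """\
Nov 17 10:02:11 iphone-a sshd[412]: Accepted password for root from 192.168.1.23 port 50122 ssh2
Nov 17 10:02:12 iphone-a sshd[412]: subsystem request for sftp
Nov 17 10:02:40 iphone-b sshd[388]: Failed password for root from 192.168.1.23 port 50130 ssh2
Nov 17 10:03:05 iphone-c sshd[501]: Accepted password for root from 192.168.1.23 port 50141 ssh2
Nov 17 10:03:06 iphone-c sshd[501]: subsystem request for sftp
Nov 17 11:15:00 iphone-c sshd[590]: Accepted password for root from 192.168.1.50 port 40022 ssh2
Nov 17 11:20:00 iphone-a sshd[640]: Accepted publickey for mobile from 192.168.1.50 port 40100 ssh2
Nov 17 11:20:01 iphone-a sshd[640]: subsystem request for sftp
""".splitlines()

def root_sftp_sessions(lines):
    """Return (host, source) pairs where a root password login was followed
    by an SFTP subsystem request in the same sshd process."""
    pending = {}  # (host, pid) -> source address of an accepted root login
    hits = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # not an sshd line in the assumed format
        key = (m["host"], m["pid"])
        accepted = ACCEPT.match(m["msg"])
        if accepted:
            pending[key] = accepted["src"]
        elif SFTP.match(m["msg"]) and key in pending:
            hits.append((m["host"], pending.pop(key)))
    return hits

def sweeping_sources(hits, min_hosts=2):
    """Sources that opened root SFTP sessions on at least min_hosts devices."""
    hosts_by_src = defaultdict(set)
    for host, src in hits:
        hosts_by_src[src].add(host)
    return {s: sorted(h) for s, h in hosts_by_src.items() if len(h) >= min_hosts}

if __name__ == "__main__":
    print(sweeping_sources(root_sftp_sessions(SAMPLE_LOG)))
```

A single hit is already worth reviewing on a device whose root password was never changed; the `min_hosts` threshold only separates a network-wide sweep from a one-off administrative session.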