Submitted by Bob Bhatnagar on
Jailbroken iPhones have been attacked again. iBotnet.A is the latest in a string of attacks to exploit the root password common to iPhones running SSH. The only way to insure security (besides NOT jailbreaking your iPhone) is to change your root password.
iBotnet.A (also known as Ikee.B or the "Duh" virus) spreads from iPhone to iPhone across the network sending personal data to a server located in Lithuania. Address ranges from service providers in Portugal, Hungary, Australia and the Netherlands have been targeted.
The worm is sophisticated, as it assigns a unique identifier to each infected device so that in the event that valuable personal information is found the main servers can reconnect at will. The program also installs a phishing site to trick Dutch online banking users into sending their usernames and passwords.
As if this isn't bad enough, the malware creates a botnet out of infected iPhones, making it possible to use infected iPhones to execute additional malicious code and carry out attacks on other servers.Intego has identified and isolated the worm, and its VirusBarrier X5 product detects and eradicates the malware. Alternatively, infected iPhone users can completely erase their devices and restore using iTunes.