Security

Only days after the ikee worm was unleashed on Australian iPhone users a tool has been discovered that steals private data from jailbroken iPhones. iPhone/Privacy.A is a malware tool that runs on computers (or on an iPhone) and scans the Wi-Fi network for vulnerable iPhones.

After discovering and accessing the devices in range it copies all private data including SMS messages, videos, email, calendars, music, photos and all other app data to the computer. The program does all this without ever making the iPhone user aware of its intrusion.

Rickrolling has finally made it to the iPhone. The first known iPhone worm has been released in Australia, spreading from phone to phone over the network. Only jailbroken iPhones running SSH with the default root password are affected.

The ikee worm exploits this security weakness to infiltrate the iPhone file system and search for other jailbroken iPhones in the vicinity. The malware also changes the lockscreen wallpaper to a photo of 80s pop icon Rick Astley with the message "ikee is never going to give you up."

Apple has released version 3.0.1 of the iPhone OS software. This fixes the recently revealed SMS security flaw. The security hole was illustrated on Thursday by Charlie Miller at the Black Hat 2009 conference in Las Vegas.

iPhone owners can download and install the 3.0.1 update using iTunes immediately. Left unpatched, the problem makes it possible for iPhones to receive malicious binary programs through SMS messages without the user's knowledge.

A massive iPhone security flaw was illustrated on Thursday by Charlie Miller and Collin Mulliner at the Black Hat 2009 conference in Las Vegas. Word of the demonstration had been brewing for days, however Apple has remained silent on the issue.

The problem makes it possible for iPhones to receive binary programs through SMS messages without the user's knowledge. These programs can then give someone using the exploit complete control over the device.