news 28 Posted November 11, 2009 Intego Security Memo - November 11, 2009 - Published on 11/11/09 IMMEDIATE RELEASE Intego today released their important November 11, 2009 Security Memo. Intego has identified this as iPhone/Privacy.A, allowing hackers to connect to any jailbroken iPhone whose owners have not changed the root password. Hackers using this tool will install it on a computer, then let it work. It scans the network accessible to it, and when it finds a jailbroken iPhone, breaks into it, then steals data and records it. Austin, TX - Intego today released their important November 11, 2009 Security Memo. Following the recent discovery of a worm that changes wallpaper on iPhones, Intego has spotted another piece of malware that attacks iPhones, one that is far more dangerous than the ikee worm. This hacker tool, which Intego identifies as iPhone/Privacy.A, takes advantage of the same vulnerability in the iPhone as the ikee worm, allowing hackers to connect to any jailbroken iPhone (iPhones hacked to allow installation of software other than through iTunes) whose owners have not changed the root password. Exploit: iPhone/Privacy.A Discovered: November 10, 2009 Risk: Low It is important to note that standard, non-jailbroken iPhones are not at risk; it is extremely dangerous to jailbreak an iPhone because of the vulnerabilities that this process creates. (Estimates suggest that 6-8% of iPhones are jailbroken.) When connecting to a jailbroken iPhone, this tool allows a hacker to silently copy a treasure trove of user data from a compromised iPhone: e-mail, contacts, SMSs, calendars, photos, music files, videos, as well as any data recorded by any iPhone app. Unlike the ikee worm, which signals its presence by changing the iPhone's wallpaper, this hacker tool gives no indication that it has invaded an iPhone. Hackers using this tool will install it on a computer - Mac, PC, Unix or Linux - then let it work. It scans the network accessible to it, and when it finds a jailbroken iPhone, breaks into it, then steals data and records it. This hacker tool could easily be installed, for example, on a computer on display in a retail store, which could then scan all iPhones that pass within the reach of its network. Or, a hacker could sit in an Internet cafe and let his computer scan all iPhones that come within the range of the wifi network in search of data. Hackers could even install this tool on their own iPhones, and use it to scan for jailbroken phones as they go about their daily business. Means of protection: Intego VirusBarrier X5 detects and eradicates this program on Macs, and identifies it as iPhone/Privacy.A. While it is not possible to protect the iPhone from this hacker tool - it does not install anything on an iPhone - VirusBarrier X5 can ensure that Macs, especially in businesses, are protected from this hacker tool being installed. We would like to stress that users who jailbreak their iPhones are exposing themselves to known vulnerabilities that are being exploited by code that is circulating in the wild. While the number of iPhones attacked may be minimal, the amount of personal data that can be compromised strongly suggests that iPhone users should stick with their stock configuration and not jailbreak their devices. iPhone/Privacy.A Exploit: http://blog.intego.com/2009/11/09/worm-affects-jailbroken-iphones-changes-wallpaper Intego: http://www.intego.com Intego develops and sells desktop Internet security and privacy software for Macintosh. Intego provides the widest range of software to protect users and their Macs from the dangers of the Internet. Intego's multilingual software and support repeatedly receives awards from Mac magazines, and protects more than one million users in over 60 countries. Intego has headquarters in the USA, France and Japan. ### Rosaline Mills Junior Account Manager +44 (0)845 2577115 rosaline ( -at -) bamboopr.co.uk ******* ******* ******* Share this post Link to post
