Latest jailbroken iPhone worm tries filching bank passwords

by admin November 23, 2009 at 6:34 pm

Users who have jailbroken their iPhones just can’t catch a break—another malicious worm is making its way around the Internet and tries to steal bank passwords for users in the Netherlands, Portugal, Hungary, and Australia. Users with locked-down iPhones are still safe.

The second malicious worm to attack jailbroken iPhones has been spotted in the wild, and is the first to directly target users’ bank accounts. Called iBotnet.A by security research firm Intego, the worm tries to steal account logins from customers of popular online banking service ING Direct. Though it only affects iPhones that have been jailbroken by the user with SSH installed, this is clearly a trend that is growing quickly—and one that Apple isn’t likely to care about until it affects “legit” users.

According to Intego, the malware scans for phones on a local network and a range of IPs with an open SSH port, then attempts to log in using the default root password that is the same on all iPhones. This is the same method used by the first malicious iPhone worm that came out earlier this month. The IPs scanned by this particular worm include those in the Netherlands, Portugal, Hungary, and Australia.

Read more: