Second iPhone worm behaves like botnet


Summary

Update: As with the first malware, the new worm targets jailbroken iPhones via the SSH service, but it is "much more serious" because it may attempt to steal data, F-Secure warns.


Update: A second iPhone worm has been identified by security vendor F-Secure, which says the new worm has botnet capability and is more threatening than its predecessor.

Mikko Hypponen, chief research officer at F-Secure, said in a blog post that the new worm, like the first, affects jailbroken iPhones that have the SSH (secure shell) service enabled and still use the default passwords. The Finnish security company has yet to name the new threat.

Ikee, which was discovered earlier this month, was said to infect vulnerable phones in Australia. When the worm strikes, it alters the iPhone's wallpaper to an image of Rick Astley with the message "ikee is never going to give you up".

According to F-Secure, the latest worm connects to a Web-based command and control center in Lithuania.

"The worm is not widespread, but it is much more serious than the first iPhone worm as it seems to try to steal information from the devices," Hyponen said in the blog post.

In July, F-Secure indicated that the iPhone has a 10 percent share of the smartphone market. Symbian is currently the most popular smartphone platform, at 49 percent.

Altered password recovered
Paul Ducklin, Sophos' head of technology for the Asia-Pacific region, said in a blog post Monday that the new worm, which he dubbed "Duh", changes the root password, a change that is hidden from users.

Using a password cracker, Ducklin identified the new password as "ohshit". Using this password, users of infected phones can log back into their iPhones and remove the virus, he said.

In a follow-up e-mail to ZDNet Asia, Ducklin said users should, upon login, check for a directory named "/private/var/mobile/home", which hosts the viral files. Files named "inst", "cydia.tgz", "duh", "sshd" and "syslog" ought to be removed to deactivate the malware, he said.

"Don't have an 'ohshit' moment. Don't give jailbreaking a bad reputation. Change those passwords now," he urged. "Duh changes any password which is currently 'alpine', not just the root password. So fix any user accounts as well."

The latest worm, Ducklin pointed out, was "not unexpected" given the chain of events leading up to it. "A Dutch guy hacks into iPhones--using 'alpine' [as password]--to ask for 5 euros to explain how to secure your phone. There's a reaction.

"Two weeks later an Aussie builds on this idea by writing Ikee, a self-replicating attack, in what he blithely claims to have been an experiment gone wrong," he noted. "And two weeks after that, someone else builds on Ikee with the 'Duh' virus--using Ikee's idea for copying itself to other devices combined with a botnet-based command channel."

Talkback

They posted more information on this virus at http://dotdoh.com/?p=504

Anonymous, November 23rd, 2009
