Another iPhone worm, but this one is serious

A new iPhone worm is impacting jailbroken iPhones and iPod Touch devices. The threat, unlike the previous one, is extremely serious.

Don Reisinger
Don Reisinger
Former CNET contributor Don Reisinger is a technology columnist who has covered everything from HDTVs to computers to Flowbee Haircut Systems. Besides his work with CNET, Don's work has been featured in a variety of other publications including PC World and a host of Ziff-Davis publications.
2 min read

Another iPhone worm has been spotted in the wild.

Unlike the previous exploitation, which merely changed a jailbroken iPhone's wallpaper to a picture of Rick Astley of "Rickrolling" fame, this new threat allows hackers to steal sensitive information.

According to security firm Sophos, which wrote about the exploitation after a Dutch ISP spotted it late last week, the worm attacks jailbroken iPhone and iPod Touch devices only.

The worm "uses command-and-control, like a traditional PC botnet," Sophos wrote in a blog post on Saturday to warn users about the exploit. "It configures two startup scripts, one to execute the worm on boot-up, and the other to create a connection to a Lithuanian server to upload stolen data and cede control to the bot master."

Jailbreaking, which has been around for about two years, is a hack that enables iPhone and iPod Touch users to download applications unavailable through Apple's App Store.

Sophos wrote that the worm attacks users on several ISPs, including UPC in the Netherlands, Optus in Australia, and T-Mobile in several countries worldwide. Worse, the worm spreads faster on a Wi-Fi connection than a 3G connection. Users with affected devices might notice extremely short battery life while on Wi-Fi. According to Sophos, that's mainly due to the worm engaging in "so much network activity."

When a device is infected, it's assigned a unique number so that the attackers can easily pinpoint a single device. It also looks for authentication systems that use SMS, better known as mTANs. mTANs are frequently used by banks that send an SMS message with a password to mobile phones, allowing people to log in to their online accounts, Sophos wrote.

In essence, this threat is serious.

Sophos recommends that people with infected iPhones and iPod Touch devices restore them back to Apple's most recent firmware update. For now, there is no other way to fix the problem.