Hackers have borrowed a tactic from the world's first iPhone worm to build a botnet that steals data, including online banking credentials, from jailbroken Apple smartphones.
A new worm, dubbed Duh by U.K.-based security firm Sophos, is related to the "ikee" worm released earlier this month only in its approach, not in its code, said Chester Wisniewski, a senior security advisor with Sophos. "It's different code, but the same conceptually," Wisniewski said.
Both ikee and the new Duh worm take advantage of the default password used by the SSH (secure shell) Unix utility, which is installed by some users after they've "jailbroken" their iPhones. (The "jailbreak" term refers to the process of modifying an iPhone so its owner can download and install software outside Apple's official App Store channel.) SSH lets users connect to their iPhone remotely over the Internet via an encrypted channel.
Duh changes the default SSH password of "alpine" to its own "ohshit" password, Wisniewski said.
Two weeks ago, noted iPhone and Mac vulnerability researcher Charlie Miller warned users that jailbreaking their iPhone puts them at greater risk from attack.