First iPhone Trojan horse reported

volcomguysd

New Member
Bronze
Sep 5, 2007
33
0
0
#1
Saw this on CNET a few minutes ago: January 8, 2008 11:02 AM PST

http://www.news.com/8301-10789_3-9845266-57.html?tag=cnetfd.blogs.item

http://www.symantec.com/enterprise/...g/2008/01/first_sightings_of_malicious_i.html

Didn't see it mentioned anywhere on the boards, so I thought I would throw this out there. My g/f came very close to installing this a few days ago! The site is offline now, but that doesn't mean that other people still won't try to distribute it...
---------------------------------------------------------------

Posted by Robert Vamosi

Seen more as a prank than an actual threat, a Trojan horse for the Apple iPhone, first reported on Saturday, has already come and gone. Still, users should be on the lookout for a package called "iPhone firmware 1.1.3 prep," described as something you need to install before updating to the new 1.1.3 firmware. Billed as an "important system update," the code does little more than cause annoyance. According to various sources, once the Trojan is installed it simply displays the word "shoes."

However, the Trojan also overwrites several legitimate applications, including Erica's Utilities, Launcher, Doom, and OpenSSH, meaning that if you uninstall the Trojan, you will need to reinstall these applications later. This appears to be a consequence of poor programming.

The risk to iPhone users is now considered negligible since the host sites have all been taken down.

As antivirus vendor F-Secure concluded in its blog, "This time it was an 11-year-old kid playing with XML files who created the Trojan. Next time it might be someone else with more skills and with specific target."
 

tdefriez

New Member
Bronze
Jul 2, 2007
139
0
0
#4
So the panic starts

:eek:
It was not exactly a virus - you had to specifically install it using Installer from an untested/uncleared source - that hardly constitutes a virus in the Windows sense, which automatically install themselves without user input - clearly a case where the virus protection companies are scaremongering to promote future sales - bottom line: if something asks you to install it and you don't know whether it's safe, don't install it
 

phsycology

Zealot
Gold
Dec 29, 2007
2,667
5
38
24
Bolton, United Kingdom
#5
yeh after I posted I remembered reading an article on it last week and how an 11 year old made it LOL false alarm :p
 

x999x

New Member
Gold
Aug 6, 2007
1,656
0
0
#6
This was reported over the weekend, thought y'all got the memo already.

Do I have to start making threads here again?
 

xsbx

New Member
Bronze
Jan 5, 2008
40
0
0
#7
Man, if you get an actual trojan on your iPhone you must be a moron. And people don't bother making little viruses to screw up our apps. Do something better with your life.
 

Lincoln

New Member
Gold
Aug 11, 2007
6,100
4
0
#10
There's another thread on this. It was created first, search before you post.

- John
 

Lincoln

New Member
Gold
Aug 11, 2007
6,100
4
0
#13
There was also another thread on this created today in the Software forum.

Why do people simply neglect to search?

- John
 

patrickj

Genius
Gold
Sep 2, 2007
6,221
445
83
Austin, Tx
ipadinsight.com
#14
Word. None of this will come through the SDK.

I know that Mark (iPhonian) stopped modding for this very reason.

- John

There's never any guarantee when it comes to software, and being immune or bulletproof in terms of malware. SDK won't change that. As long as there are people out there creating trojans and worms etc., there's always a risk. There have been many cases in the past where shrink-wrap software ships with a virus or other malware on it. It's also worth noting that one of the main reasons the iPhone is especially vulnerable right now is due to a current security model where everyone runs with root privileges - that's Apple's doing - not any hackers' doing. That security model will surely change along with the SDK coming out, so that part should be an immediate step up in security, but things like the iPhone's massive popularity and its powerful browser are going to mean it's still a big target, SDK or no SDK ...
 

Lincoln

New Member
Gold
Aug 11, 2007
6,100
4
0
#15
There's never any guarantee when it comes to software, and being immune or bulletproof in terms of malware. SDK won't change that. As long as there are people out there creating trojans and worms etc., there's always a risk. There have been many cases in the past where shrink-wrap software ships with a virus or other malware on it. It's also worth noting that one of the main reasons the iPhone is especially vulnerable right now is due to a current security model where everyone runs with root privileges - that's Apple's doing - not any hackers' doing. That security model will surely change along with the SDK coming out, so that part should be an immediate step up in security, but things like the iPhone's massive popularity and its powerful browser are going to mean it's still a big target, SDK or no SDK ...
This is true; but you can bet anything that Apple will run through the software they distribute 10 times harder than whoever (if anybody) does it for Installer.

- John
 

patrickj

Genius
Gold
Sep 2, 2007
6,221
445
83
Austin, Tx
ipadinsight.com
#16
This is true; but you can bet anything that Apple will run through the software they distribute 10 times harder than whoever (if anybody) does it for Installer.

- John
I don't know that that's how it would work. Once there are dozens / hundreds / thousands of apps for the iPhone platform (as there are for Palm and WinMo) Apple will not be involved in testing individual apps, there will just be a method for certifying developers in some way.
The biggest help in this area will be strengthening the underlying security model on the device - for instance, making it so that a rogue app cannot modify or write to any critical system directories etc.
 

KNK

New Member
Jul 22, 2007
2,391
1
0
Stevenson Ranch
#17
There was also another thread on this created today in the Software forum.

Why do people simply neglect to search?

- John

Searching? It has to be instant gratification, someone else do the job. I had someone come down on me today because I had him search a 101 page thread with some of your wallpaper postings. We are not Google here. :mad:
 

chris

Administrator
Administrator
Jun 10, 2006
11,813
1,779
113
Long Island, NY
#18
Any questions on why Steve chose to keep the iPhone closed, shall be put to rest. This is actually getting press on ZDNet and others. Of course, if true, this would be bad press. :laugh2:
 

x999x

New Member
Gold
Aug 6, 2007
1,656
0
0
#20
This stuff won't work without permissions, which you have to grant by installing and clicking Yes to proceed in Installer (the malware's main source of distribution).

Until we get them to work autonomously we jailbreakers have nothing to worry about. Oh man, I hope y'all patched your TIFF exploits if you're not on 1.1.2, otherwise this trojan could very well become autonomous! :(