Close on the heels of the iKee virus attack that rickrolled jailbroken iPhone users earlier this week comes yet another worm that exploits the same security hole – just that this one is much more dangerous.
A Mac Security software development company, Intego has revealed that the worm called iPhone/Privacy.A works very much like the iKee virus. It scans the neighborhood for jailbroken iPhones which have SSH installed on them with the default "alpine" password and once a vulnerable iPhone is detected, they are attacked to extract every kind of data stored in them by the owner. Explaining this, the Intego blog notes
"This tool allows a hacker to silently copy a treasure trove of user data from a compromised iPhone: e-mail, contacts, SMSs, calendars, photos, music files, videos, as well as any data recorded by any iPhone app"
Unlike the earlier iKee virus, the iPhone owner in this case does not even get to know that their privacy has been compromised as the worm leaves no traces behind after the attack.
Most of us use our iPhones to not just store data relating to our personal lives, but to also store a lot of confidential business information. Such exploits could have serious implications to the user whose iPhones are attacked. If you are one of those whose iPhone is vulnerable to this worm, do not forget to change your password by following the steps given here. You might never know when your iPhone is attacked.
[via Intego Blog]