Just 2 weeks after the first iPhone virus was discovered, here comes to the third iPhone virus. And this one is serious.
Unlike the first iPhone virus, which just changes the wallpaper of iPhone lock screen and is supposed to raise the public concern of iPhone security, this Dutch variant targets to steal sensitive information, specifically the customers of ING bank. When the iPhone is infected, the worm redirects users visiting the ING banking site to a phishing website which shows a fake login screen for ING online banking. Subsequently, the hacker can steal your login account and other sensitive information.
Same as the previous iPhone virus, the worm only infects jailbroken iPhones with OpenSSH enabled and those without changing the default root password (i.e. alpine). According to security firm Sophos, this worm attacks IP ranges from a larger range of ISPs, including UPC (Netherlands), Optus (Australia), and T-Mobile (Many). It also mentioned that the worm changes the default root password of the infected devices:
Security.nl also says that the worm changes the root password from the default of “alpine” that Apple set in the factory firmware, making it more difficult for users to secure their devices.
To recover the infected iPhone, as suggested by the security firm, the only way is to restore to Apple’s original firmware via iTunes. So, how do you know if you’re infected? It’s also mentioned in Sophos’ blog post that the battery life is much shorter than normal:
One symptom noted by security.nl is that battery life is very, very short when the device is connected to WiFi, because the worm is generating so much network activity.
You shouldn’t be too worried if you’re not using jailbroken iPhone or without installing OpenSSH. Also, if you’re not ING’s customer, the virus will not affect you either. However, to prevent any further virus attack via the SSH loophole, if you haven’t done so, you should follow the procedures covered in this post to secure your iPhone immediately.
As always, feel free to leave us comment to share your experience or raise any questions.