Advertisements
 

iPhone Security Issues Not Exclusive To Jailbroken Devices

December 4, 2009

In the past few months there have been multiple worms released into the wild that affected inadequately protected jailbroken iPhones. However a Swiss iPhone developer has published research that indicates that there are also security vulnerabilities affected un-jailbroken devices too. This doesn’t come as much of a surprise to most as it was only a matter of time.

The developer, Nicholas Seriot has created a proof of concept app called SpyPhone to demonstrate how Apple’s own APIs can be used to read and edit user’s address books, gain access to the user’s web surfing history or even recent location information. Although this is not as bad as what can be done with root permissions to the device, it can still effect users, especially when they think they are safe.

For the attacks to work, the application with the malicious code would need to get through the App Store approval system, however this wouldn’t be very hard as pointed out by many developers, as Apple doesn’t check source code but does have a kill switch on every app. The code would be delayed, so that it only beings to work so many weeks after the app is released or it could be an encrypted payload.

Nicholas Seriot detailed these possible iPhone privacy risks in a talk he delivered in Geneva, during which he also outlined possible defense strategies, suggesting that Apple should design the iPhone OS to require users to authorize read or read-write access by iPhone applications to potentially sensitive on-device information such as the Address Book, add firewall functionality to the device and ensure the keyboard cache is not as readily available to third-party applications.

Developers Research

Related:
How To: Change Your iPhone’s SSH Password

Dutch Hacker Hack’s Into Jailbroken iPhone’s
iPhone Worm Rickrolls Jailbroken Devices
Second iPhone Worm Used For Malicious Purposes

Advertisements

Second iPhone Worm Used For Malicious Purposes

November 23, 2009

There has been news today of yet another iPhone worm that affects users who have unsecured SSH installed on their device.

Security Company, F-Secure, has unearthed this latest worm for the iPhone which targets people in the Netherlands, as it did before with the first exploit of unsecured SSH. It targets users who use their iPhone to online bank with ING. Much like a phishing attack, it redirects the bank’s users to a look-a-like website with a log-in screen.

The worm only affects jailbroken devices as before, and only devices with SSH that has the default password are affected. This latest worm is more serious than the ones prior, as they were created to warn people, that things such as this could happen. The security company, F-Secure, have also said that it can behave like a botnet and send itself to other un-secure devices on a local WiFi network.

The phone can be controlled by the hacker remotely without the knowledge or permission of the user. Hackers can ring people, text people, copy your contacts or what ever they wish with your device if it’s left open. At the moment it’s only spreading around the Netherlands, but soon enough malicious hackers will most likely take advantage of the users who don’t change the default password.

A spokesperson for ING Bank said that a warning was going to be put on the bank’s official website.

“We are also briefing call centre personnel,” she added. “It’s important to remember that the worm only affects jail-broken phones and it is only aimed at customers in the Netherlands.”

If your device is jailbroken and you believe SSH maybe, or is installed then please read this guide to secure your device. Many other guides will not fully protect you as they only change the mobile user password and not the root.

If you wish to read more from F-Secure on this issue click here.

Related:

How To: Change Your iPhone’s SSH Password
Dutch Hacker Hack’s Into Jailbroken iPhone’s
iPhone Worm Rickrolls Jailbroken Devices


iPhone Worm Rickrolls Jailbroken Devices

November 8, 2009

Over the past week there has been a lot of news over unsecured SSH on iPhone. First about the Dutch hacker who wasscanning the network for jailbroken users who had not changed their default SSH password. Now a hacker who goes by the name of “ikee” from Australia, created a worm that changes the home screen background to Rick Astley.

As I’m sure your aware by now this only affects users who have jailbroken their phone and installed OpenSSH, not just general users or who have jailbroken their device. If you have jailbroken your device and have got OpenSSH installed please read this guide on how to change your default password to ensure none of these worms or hacks will affect you.

Rickroll iPhone Worm

ikee says this is how the worm spread: “The code itself is set to firstly scan the 3G IP range the phone is on, then Optus/Vodafone/Telstra’s IP Ranges (I think the reason Optus got hit so hard is because the other 2 are NAT’d) then a random 20 IP ranges. I’m guessing a few phones hit a range that another vulnerable phone was on.”

Once one phone is infected it searches for phones with the default password and then begins the process again.

Dutch Hacker Hack’s Into Jailbroken iPhone’s

How To: Change Your iPhone’s SSH Password


How To: Change Your iPhone’s SSH Password

November 3, 2009

As many have been prompted by the recent icident, including Dutch iPhones on T-Mobile, the SSH on the iPhone has a default password which most people do not change, leaving themselfs unprotected. Here’s the quick guide to change your root password on your iPhone.

MobileTerminal

Please note that some guides will change the mobile password, however this will still leave you unprotected so ensure you follow these instructions carefully.

  • Download ‘MobileTerminal’ from Cydia.
  • Run MobileTerminal
  • Type ‘passwd’
  • Enter your new password
  • Enter it again
  • Type ‘su root’
  • Then Type: ‘alpine’ (iPhone 3G, iPhone 3GS) ‘dottie’ (iPhone 2G)
  • Press Return
  • Type ‘passwd’
  • Enter your new password
  • Enter it again
  • Now your iPhone is secure from SSH hacking

Dutch Hacker Hack’s Into Jailbroken iPhone’s

November 3, 2009

A Dutch hacker used a port scanning to identify jailbroken iPhones on T-Mobile Netherlands with SSH running.Jailbroken iPhone HackedJailbroken user’s commonly use SSH to run standard UNIX commands on their iPhone. However, due to the way it’s set up all iPhones have the same default root password that most people don’t change. This means if a user knows a iPhone is close running SSH they can access all of the files on the device.

The Dutch hacker used the unchanged root passwords to hack into the phones, he then sent a SMS alert to the phones that read, ” You iPhone’s been hacked because it’s really insecure! Please visit doiop.com/iHacked and secure your iPhone right now! Right now, I can access all your files.” Once going to the website it directs the user to send €5 to a PayPal account, after which the hacker will e-mail instructions to remove the hack—which most likely involve restoring the iPhone to factory settings.

The hacker doesn’t appear to have malicious intent, other than to glean some extra cash. “If you don’t pay, it’s fine by me,” reads the page mentioned in the message to the hacked iPhone owners. “But remember, the way I got access to your iPhone can be used by thousands of others—they can send text messages from your number (like I did), use it to call or record your calls, and actually whatever they want, even use it for their hacking activities! I can assure you, I have no intention of harming you or whatever, but, some hackers do! It’s just my advice to secure your phone.”

To stop this from happening to you read the article on How To: Change Your iPhone’s SSH Password.


How To: Disguise An App

September 6, 2009

So let’s say you have an App on your phone that you really need, but other people would keep going on it and you don’tDisguise App really want them using it or seeing what it is. Well there is a simple way to disguise an app on your iPhone as anything you want.

Let’s say the app we want to hide is Cycorder.

Getting Started

First of all you have to SSH into your device and go to your Applications folder and open the relevant folder, in this case being Cycorder.app.

Once this is opened you will see the following files:
Cycorder
icon.png
info.plist
loading.png

Note: these will vary on application, but the files needed will remain the same.

Now copy the files icon.png and info.plist to your computer.

Before editing either it’s a good idea to backup the files just in case you go wrong.

Editing The Icon

People using the iPhone will most likely use icons to refer to an app, so changing the icon of the app you wish to hide is the first thing to do.

First you need to get the icon from another app or you could make one yourself. Simply pressing the Home button and Sleep/Wake button will capture a screen shot of your home screen and you edit the icon to the correct size etc.

Note: Always save the icon as a png image and make sure it’s transparent.

Downloading a free app off the App Store would maybe be a better idea for this as it gives you a quick and disposable way to disguise an app. However think about if people are likely to click on it, so find something boring.

Once you’ve edited and saved your new icon, save it as a png and copy it back to the app folder on the iPhone, replacing the original.

Changing The Name

The second way people will know which app is which, is via the name underneath the icon (which by now you will have changed).

To change the name simply open the plist either using a text editor or a dedicated plist editor such as iPodRobot’s plist editor.

Look at the plist and find the tag called
<key>CFBundleDisplayName</key>

and change the value below it what you wish the app to appear as on the home screen.

Once this is done, save the plist and copy it back to your device, overwriting the old one.

Now re-spring or re-boot your device and the application will now be disguised.