iPhone Worm "ikee.b" Threatens Dutch ING Online Banking Users
A new iPhone worm has been identified by F-Secure that poses a direct threat to jailbroken phones, particularly for Dutch iPhone users. The iPhone worm named "ikee.b" is considered to be the first malicious virus to spread on iPhones. It has been specifically targeting Dutch ING online banking information for Netherlands users with iPhones that have never re-set their passwords through the SSH application.
The worm unwillingly and unknowingly redirects clients of ING to a copycat site that allows remote hackers to access user information. Data is collected on a remote server in Lithuania. While the worm can only affect jailbroken phones that have not had a password re-set from the default "alpine," this still poses a serious threat to theft of personal information for many users who have never changed their iPhone passwords.
Security experts at F-Secure warned that the worm could effectively turn infected iPhones into a "botnet", a network of compromised computers at the mercy of hackers or cybercriminals that can be accessed and controlled without the permission of the user. The worm can be transferred from one jailbroken iPhone to another if they are using the same wireless internet connection or hot spot.
Early signs of odd activity were reported by Dutch ISP XS4ALL and were confirmed shortly after by Sophos as an actual iPhone worm. One of the reported dangers is that this worm can supposedly detect vulnerable phones based on IP addresses, and target users in multiple countries.
While the first "ikee" iPhone worm spread a few weeks ago, it was considered to be more of an annoyance than any kind of threat to personal security. This newer "ikee.b" can be avoided by users re-setting their jailbroken iPhone passwords from the "alpine" default as soon as possible.