Add to del.icio.us     Digg this

December 22, 2009

Released in late November, the IKee-B iPhone worm exploits default root passwords on jailbroken iPhones to turn the smartphones into botnet clients under the control of a server based in Lithuania. The virus affected many iPhone users in The Netherlands, and specifically targeted customers of Dutch online bank ING Direct. The were also a few more reported and similar incidents as well.

Security researchers at SRI International published an analysis of the iPhone botnet that warns users of Apple's device and similar smartphones to expect more of the same in the near future.

Warnings about mobile malware have been circulating for many years now, but it's only since the advent of iPhones and other smartphones, allowing Internet access with what's essentially a mini-computer, that such risks have become more tangible, SRI warns.

Although the iKee.B botnet admittedly offers a rather limited growth potential, iKee.B nevertheless provides an interesting proof of concept that much of the functionality we have grown to expect from PC-based botnets can be easily migrated into a lightweight smartphone application.

iKee.B demonstrates that a victim holding an iPhone in Australia can be hacked from another iPhone located in Hungary, and forced to exfiltrate its user's private data to a Lithuania C&C server, which may then upload new instructions to steal financial data from the Australian user's online bank account.

While it is still unclear just how well prepared smartphone users are to this new reality, nevertheless, it is clear that malware developers are preparing for this new reality right now.

Overall, SRI's researchers conclude that although the Ikee-B worm is simpler than its PC relatives, it comes with the potential to evolve in something even nastier. Unlike the previous generation of mobile phones that were at their worst susceptible to local Bluetooth hijacking, modern Internet-tethered cellphones are today susceptible to being probed, fingerprinted, and surreptitiously exploited by hackers from anywhere on the Internet.

On its own, the iKee bot is one of the latest offerings in smartphone malware, in this case targeting jailbroken iPhones.

While its implementation is simple in design in comparison to the latest generation of PC-based malware, its implications demonstrate the potential extension of crimeware to this valuable new frontier of handheld consumer devices.

Based on reverse engineering of the malicious code, the analyzis by SRI's researchers should be interpreted as a warning of things to come in the New Year, and what we can expect from some of these iPhone worms.

Add to del.icio.us     Digg this

Source: SRI Security Research.

Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.

You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.