Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
Editor's Blog and Industry Comments

Rickrolling gimmick goes sour as password changing work takes control of iPhones

30 November, 2009
With iPhone hacks becoming more threatening, mobile security expert Matt Hampton of Imerja gives his view on iPhone security
Two weeks after a a piece of self-replicating code caused jailbroken iPhones to be 'Rickrolled', a new worm is targeting jailbroken iPhones whose owners have not changed the default password.

The worm changes the root password for the device, tagging them with a unique ID number and making them part of a botnet. It has the ability to take from SMS databases and security analysis has identified a script that looks for mobile transaction authentication numbers used by some banks to perform two-factor authentication with SMS-based systems

ProSecurityZone set some questions surrounding the vulnerability of the iPhone to Matt Hampton, the Chief Technical Officer of IT solutions company, Imerja.

He told us, "A lot of people, especially those in the IT industry, see the iPhone hacks as a problem that has been a long time coming, and are therefore not a great surprise. However, people less 'in the know' â€" and especially iPhone users â€" are shocked that hackers can infiltrate the Apple devices so easily. What should be understood is that it is only iPhones that have been tampered with or 'jailbroken' that have been affected.

"For those that are affected, the problem is significant as the code that is being installed is running as a super user, which means that it has the ability to make changes and install new software on to the device. This will enable access to any information that is stored on the handset, such as SMS text messages. This has been used to target ING by 'reading' the authentication tokens that are distributed via SMS."

Should iPhone users start worrying?

Matt replied, "iPhones that have not be tampered with by the user â€" or jailbroken as it has been termed â€" are not currently at risk. However, the incident has highlighted the importance of changing default passwords across systems and should be a reminder to everyone to ensure that they have done this."

If it just affects jailbroken phones, some would suggest that they deserve to be hacked, how would you react to this?

"No-one deserves to be hacked, although this worm shows the dangers of users installing modifying software without understanding the risks", Matt commented.

Do business users who don't jailbreak their phones and remember to change the default password have cause to worry?

"There is not a huge level of risk, although there are steps that businesses should always take to protect company devices, including ensuring that access to corporate information systems is auditable and reviewed regularly, that users understand the risk of installing applications and that they are aware of the danger of jailbreaking devices. The latter should be made a disciplinary action if carried out without permission."

It's clear from what Matt Hampton commented that iPhone security is not a significant threat provided that they're not tampered with so that unsupported applications can run and that the default password is changed. For businesses that issue iPhones as a corporate tool, a process and controls need to be in place to prevent users from putting corporate data at risk through jailbreaking the phones.
Bookmark and Share