[ISN] 'First' iPhone Trojan rolls into town

From: InfoSec News (alerts@private)
Date: Tue Jan 08 2008 - 00:05:08 PST


http://www.theregister.co.uk/2008/01/07/iphone_trojan/

By John Leyden
The Register
7th January 2008

Hackers have created Trojan horse malware targeted at Apple's much-hyped 
iPhone device.

The package - more of a prank than a threat - poses as an "important 
system" upgrade supposedly needed prior to upgrading to version 1.1.3 of 
Apple's firmware. The "iPhone firmware 1.1.3 prep" seems to lack 
malicious purpose. Problems kick in when users try to uninstall the 
package.

The bogus firmware reportedly affects components of other applications 
during the install process including Erica's Utilities (a collection of 
command-line utilities for the iPhone) and OpenSSH. If the user chooses 
to uninstall the rogue package, these others applications will also be 
removed leaving users of the much-hyped device with the chore of 
reinstalling these applications.

"This is technically the first Trojan horse seen for the iPhone, however 
it does appear to be more of a prank than an actual threat," Symantec 
researcher Orla Cox. "The impact of uninstalling the 'Trojan' would 
appear to be an unintended side effect".

Web sites hosting the malicious package were taken offline soon after 
the discovery of the low-risk nuisance over the weekend. Although little 
damage was done users ought to take the incident as a warning to be 
careful about what packages they install on their phones.


__________________________________________________________________      
Visit InfoSec News
http://www.infosecnews.org/



This archive was generated by hypermail 2.1.3 : Tue Jan 08 2008 - 00:19:51 PST