FBI warns smartphone users of Android malware

By Cody Lee on Oct 15, 2012

Though Apple takes quite a bit of criticism, from both users and developers, over its rigorous App Store approval process, there is one significant benefit to the approach: security. iOS sees just a fraction of the viruses and malware that other, more open platforms do.

Case in point: the Internet Crime Complaint Center (IC3), which does work for the Bureau of Justice Assistance and the FBI, issued a warning late last week to smartphone users regarding malware for mobile phones. And unsurprisingly, there was a focus on Android…

 

Windows malware found embedded in App Store app

By Cody Lee on Jul 24, 2012

It looks like Apple’s App Store troubles aren’t over with quite yet. A new report is out this afternoon claiming that Windows malware has been discovered in an Apple-approved iOS app.

Instaquotes Quotes-Cards for Instagram, a third-party title that crawls the popular photo sharing service in search of Image Quotes, is said to contain an old made-for-Windows worm…

 

Malicious spam app discovered in the App Store [updated]

By Cody Lee on Jul 5, 2012

Apple has had a fairly spotless record thus far regarding iOS security. There hasn’t been a single [serious] breach, or malware outbreak — aside from what jailbreak hackers have uncovered, of course.

But it looks like the perfect streak has finally come to an end. A Russian security firm announced this morning that it has discovered a malicious spam [aka a Trojan] application in the App Store…

 

McAfee: Malware on Android Increasing Rapidly, iOS Remains Untouched

By Cody Lee on Aug 24, 2011

You’ve more than likely heard of McAfee. The security experts have been blocking viruses on PCs for years, and are now dabbling in mobile research. The firm just announced the results of their recent study on mobile malware.

We saw a similar analysis by Symantec a few months ago. And surprise surprise, the results haven’t changed that much. iOS still seems to be the most secure mobile operating system available…

 

iOS Proves Much More Secure than Android

By Cody Lee on Jun 29, 2011

You don’t have to be around computers very long before you hear the word Symantec. The security company is responsible for the popular Norton AntiVirus software suite, among several other utilities.

Like the rest of the PC world, Norton is trying to stay relevant in the wake of a huge industry swing towards mobile products. So the security firm recently did some research on the different ways that Android and iOS handle security methods. Guess who wins?

 

iOS Virus Lurking Behind Shady Jailbreak and Unlock Ads?

By Cody Lee on Apr 12, 2011

Those of us who enjoy Apple products also enjoy a sense of security. In the 4 years I’ve been carrying an iPhone, I’ve yet to have to worry about security on my phone, other than maybe a passcode. Apple’s tight grip on iOS and 3rd party developers has actually done well to keep security threats at bay.

I’m not saying those days are over, but there is an interesting story floating around the internet that surfaced sometime over the weekend. I brushed it off at first, but when a Google search returned over 100 results, I started reading. Smooth Blog, among many others, is reporting that a virus has been infecting iPhone users around the globe…

 

Any iPhone Can Be Infected By Spywares

By Sebastien Page on Dec 11, 2009

So you thought your iPhone was safe from getting any worm or virus because you didn’t jailbreak it? Think again! We talked before about Ikee, iPhone/Privacy.A and other unnamed worms, but only jailbroken iPhones were vulnerable. Now your brand new stock iPhone may get infected too…

According to the Register:

Swiss iPhone developer Nicolas Seriot has published research on security shortcomings that could create a mechanism for hackers to lift data from regulation iPhones. Email accounts, keyboard entries held in cache and browser history files are all potentially exposed by a malicious app.

Seriot has developed a proof of concept app, called SpyPhone, in order to demonstrate how Apple’s own APIs might be misused to read or edit a user’s address book, browse web surfing history, recent GPS position and more.

The full presentation is available for download from here (pdf).

If you’re thinking that you’re still safe because Apple will never allow such an app in the App Store, then you’re wrong. As Martin Bryant reports, it seems that it’d be relatively easy to fool Apple into approving a spyware app by delaying deployment of the spyware, encrypting the payload or by using clever coding tricks.

Scary, isn’t it? More scary is that some of these apps might already be in the App Store. Haaaaaaa! Alright, people, relax! While this is all true and possible, I highly doubt that we should worry too much for now.

Are you worried?

 

Warning: Your iPhone is Under Attack! Here Are Instructions on How to Get Maximum Protection

By Sebastien Page on Nov 26, 2009

Let’s be honest, the iPhone has had a pretty long run without being the target of hackers and it’s about time it gets its share of viruses and worms.

A few weeks ago, I wrote an article showing you how to protect your iPhone against hackers. But what happens if you have already been infected? What are the symptoms and how do you get rid of the infection?

In this article, I will show you how to figure out which worm (if any) has infected your iPhone, and how to get rid of it while making sure it never comes back.

This information was first compiled by Patrick Miller of PC World, and I adapted it for the purpose of this article.

Ikee

Ikee was the first virus to target the iPhone. The symptoms are pretty clear: it changes your wallpaper to a picture of Rick Astley. So if you see a picture of a young man with the words “ikee is never gonna give you up”, then look no further, you have been infected by the Ikee worm.

Thankfully, getting rid of Ikee is pretty simple. First you will have to download and install MobileTerminal from Cydia and reboot your iPhone. Then launch MobileTerminal and log in with your username and password under your root account. If you haven’t changed it yet (and you should), your username is “root” and your password is “alpine”.

Now follow these commands. Everything is case sensitive so be very careful.

rm /bin/poc-bbot
rm /bin/sshpass
rm /var/log/youcanbeclosertogod.jpg
rm /var/mobile/LockBackground.jpg
rm /System/Library/LaunchDaemons/com.ikey.bbot.plist
rm /var/lock/bbot.lock

These commands sometimes don’t work. That means you are infected by an alternate version of Ikee. If that’s the case, follow these commands instead:

rm /usr/libexec/cydia/startup
rm /usr/libexec/cydia/startup.so
rm /usr/libexec/cydia/startup-helper
rm /System/Library/LaunchDaemons/com.saurik.Cydia.Startup.plist

Note that if you have to remove the 4 files above, you will have to reinstall Cydia.
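A read-only check for the files named in the two lists above, as an added example that is not part of the original article. The `ROOT` prefix argument and the verdict strings are assumptions made for this sketch; the second list only yields a "check" verdict because, as noted above, removing those files means reinstalling Cydia.

```shell
#!/bin/sh
# Added example: report which of the Ikee paths from the article exist.
# Nothing is deleted. ROOT (assumed argument) lets the check run against a
# mounted copy of the filesystem; leave it empty to check the live device.

# First list from the article.
IKEE_A="/bin/poc-bbot
/bin/sshpass
/var/log/youcanbeclosertogod.jpg
/var/mobile/LockBackground.jpg
/System/Library/LaunchDaemons/com.ikey.bbot.plist
/var/lock/bbot.lock"

# Second list, for the alternate version.
IKEE_B="/usr/libexec/cydia/startup
/usr/libexec/cydia/startup.so
/usr/libexec/cydia/startup-helper
/System/Library/LaunchDaemons/com.saurik.Cydia.Startup.plist"

# Print every path in the list ($2) that exists under the root ($1).
present() {
    printf '%s\n' "$2" | while IFS= read -r p; do
        if [ -e "$1$p" ]; then printf '%s\n' "$p"; fi
    done
}

# First output line is the verdict, followed by the paths that were found.
ikee_scan() {
    root=${1:-}
    found_a=$(present "$root" "$IKEE_A")
    found_b=$(present "$root" "$IKEE_B")
    if [ -n "$found_a" ]; then
        echo "ikee"              # files from the first list are present
    elif [ -n "$found_b" ]; then
        echo "check-alternate"   # only second-list paths; confirm before removing
    else
        echo "none-found"        # none of the listed paths exist
    fi
    if [ -n "$found_a" ]; then printf '%s\n' "$found_a"; fi
    if [ -n "$found_b" ]; then printf '%s\n' "$found_b"; fi
}

ikee_scan "${1:-}"
```

Running the check before and after the `rm` commands shows which files were actually there and confirms they are gone.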

iPhone/Privacy.A

iPhone/Privacy.A is harder to detect because it doesn’t leave any trace on your iPhone. Instead, it can be installed on any computer (even Mac OS X) and it will scan all available networks in search of a vulnerable iPhone to infect.

In order to get rid of iPhone/Privacy.A, simply update and run your antivirus. It should have no problem detecting and deleting it.

Unnamed Worm

The last worm hasn’t been named yet. You can easily figure out if you’ve been infected if your battery is running down abnormally quickly. The reason for this battery drain is that the worm is constantly running in the background in search of other iPhones to spread to over Wi-Fi. This one is pretty tricky too as it will change your default SSH password to prevent you from deleting it.

Unfortunately there is no easy fix for this unnamed worm. The only solution at the time is to restore your iPhone and set it up as a new phone (do not restore from backup).

How to Make Sure You Don’t get Infected Again

The best way to make sure you don’t get infected in the first place (or don’t get infected again) is to change your iPhone root password. You may want to refer to this tutorial on how to do this.

I hope this information will be useful to those of you who have been infected, but hopefully you won’t have to use it…

 

Patchulous is a virus

By Sebastien Page on Oct 13, 2008

If you’re like me and you check the new apps in Cydia on a daily basis, you probably saw a new app called Patchulous. The description of Patchulous may be interesting for anyone having issues with cracked .ipa files:

Patchulous patches .ipa files that have a second security measure such as TextGuru or BlueSkies. This can be used for other IPAs that may come out in the future with second security measures.

I googled Patchulous and came across this thread on MMI. Here is what user ButFuq (interesting screen name!) reports about Patchulous:

immediately after installing it to 3g iphone- all cracked apps not installed through cydia were erased. it was installed through cydia.

If I were you, I would not install this app until we know more about it.

 

Hackers distribute Trojan as iPhone game

By Sebastien Page on Sep 18, 2008

Beware of this Penguin.Panic.zip attachment!

A new spam email aimed at Windows users who have an iPhone has surfaced. The virus, which pretends to contain the most popular iPhone game in an attachment, actually contains the Trojan horse Troj/Agent-HNY. Although it looks like a pretty cute and funny game, it could really harm your PC.

The attachment doesn’t even execute on a Mac but it will infect your PC right away. Instead of opening the game as you would expect, a simple message pops up saying “Shoes”. Once opened, deleting the game will not help at all as it will delete other files on the system, which will cause some of your Windows processes to crash.

Do not open emails that show the following subject lines:

  • Virtual iPhone games!
  • Take a break!
  • Apple: The most popular game!
  • Virtual iPhone toys!
  • Beet my score! (7000 points)

Possibly more are coming so be careful. If you see an email from someone you don’t know, delete it right away. It sounds like common sense but it seems people are still being tricked by these emailed viruses.

Source: Sophos