找回密碼註冊
作者: yyyfly
查看: 13679
回復: 0

文章標籤:

文章分享:

+ MORE精選文章:

+ MORE活動推薦:

GEX PRO 850W玩家開箱體驗分享活動

卓越性能,超值選擇 GEX PRO 系列通過 80 PLUS 金牌認證,實現高達 ...

體驗極速WiFi 7!MSI Roamii BE Lite Mesh

第一名 guanrung1110 https://www.xfastest.com/thread-293988-1- ...

極致效能 為遊戲而生 990 PRO SSD 玩家體驗

[*]極致效能固態硬碟 [*]PCIe 4.0 速度大幅提升 [*]優化的電源效率 ...

Micron Crucial PRO D5 6400超頻版 玩家開

解銷更快的遊戲速度! 利用低延遲遊戲記憶體的強大功能 利用 Cruci ...

打印 上一主題 下一主題

iPhone證實出現新手機病毒!

[複製鏈接]| 回復
跳轉到指定樓層
1#
yyyfly 發表於 2009-11-24 17:28:58 | 只看該作者 |只看大圖 回帖獎勵 |倒序瀏覽 |閱讀模式
消息來源

11-043.png.jpg

這一隻手機病毒會在你的iPhone背景中執行!而第一隻iPhone手機病毒可以透過關閉來刪除,
新的手機病毒則會改變您手機的使用者密碼,讓你無法如此輕易的修改!

賽門鐵克會提供偵測方法,以及解決方案!也請各位使用者盡快更新您手上的iPhone韌體!

It's only been a couple of short weeks since the iPhone background-changing incident that took the world by storm (well, parts of Australia at least), but already a Dutch ISP has reported what would be the first malicious iPhone worm to be seen in the wild.

Unfortunate news to be sure, but not exactly surprising. Our two recent blogs relating to iPhone threats warned (and I quote) that 'the publicly released code could easily be altered so that consequences were not so benign'. In case you missed them, the first blog was about the Ikee rickroller, which wasn't really considered malicious in that it only changed the iPhone background to a picture of 80's pop singer Rick Astley and was really more of a warning from the creator that jailbroken iPhones in a certain state could be compromised. That incident was followed closely by a hacktool that ran on computers but tried to scan for and log onto vulnerable devices. In both cases the so called vulnerable devices were restricted to jailbroken iPhones running SSH and using the default password of "alpine".

The new worm, which also targets jailbroken iPhones running SSH and still using the default password, can reportedly steal data contained on the iPhone as well as connect back to the attacker giving them control over the phone including the ability to download and install malware onto it. The root password may also be changed in order to prevent the owner from accessing the device. Unlike the first iPhone worm, this one appears to cover a much broader range of IP addresses, including UPC in the Netherlands, Optus in Australia, possibly a Hungarian and a Portuguese provider, T-Mobile and potentially many others. And although this particular incarnation seems to be very similar in functionality to the hacktool we blogged about , this one supposedly runs and spreads directly from an infected iPhone, not from a computer.

We are currently attempting to source a sample for analysis and will provide more information as it comes to light. If you have been infected and/or have a sample that you can share with us please post about it on the Norton Forum here.

After all the fuss caused by the previous incidents it's hard to believe anyone would have left their jailbroken iPhone in a vulnerable state, but if you think your iPhone (or iPod Touch) may have been compromised, or if you have jailbroken your device and are worried about it, we recommend that you backup your data then restore your device to its factory settings and where applicable apply the latest firmware update from Apple.

We also highly recommend you never leave a password blank, or as the factory default.

UPDATE: Scott McIntyre at XS4ALL kindly provided us with a sample. We have added detection for it as iPhoneOS.Ikee.B.
您需要登錄後才可以回帖 登錄 | 註冊 |

本版積分規則

小黑屋|手機版|無圖浏覽|網站地圖|XFastest  

GMT+8, 2024-11-22 01:55 , Processed in 0.112739 second(s), 64 queries .

專業網站主機規劃 威利 100HUB.COM

© 2001-2018

快速回復 返回頂部 返回列表