Apple iPhone
A malicious file for the iPhone masquerades as a legitimate piece of third-party software
R E L A T E D   C O N T E N T
Similar articles
KnowledgeBANK
News centre
More from vnunet.com

Free email newsletters




ADVERTISEMENT

Pre-teen creates iPhone malware

IPhone hacking is child's play

Shaun Nichols in California, vnunet.com 10 Jan 2008
ADVERTISEMENT

A precocious pre-teen has prompted security warnings after creating a piece of malware for Apple's iPhone.

The 11 year-old hacker created a malicious file for the iPhone that masquerades as a legitimate piece of third-party software.

The file presents itself as 'firmware 1.1.3 prep', a utility said to prepare the handset for an upcoming software update.

Malicious activity does not occur when the software is installed; the damage is done when the user attempts to remove the malware. On deletion, the 'prep' file also removes a number of other legitimate files from the iPhone.

Security firm F-Secure credits the administrators of iPhone download site Modmyifone with publicising the attack and tracking down the author.

The administrators of Modmyifone claim that they have contacted the author's parents, and that the site hosting the malicious code has been taken down.

Since the first third-party iPhone applications were released last summer, their regulation has rested largely on the shoulders of the user community.

Apple has washed its hands of the unofficial software, saying that, while it would not take special steps to remove any iPhone hacks, it would not support or take responsibility for damage caused by third-party software.

Although this latest attack has been taken down, security firms are warning iPhone users to be very careful when installing third-party software on the mobile device.

McAfee recommends that iPhone users install only official firmware updates, and the US Computer Emergency Response Team advises users to download files only from trusted websites.

"Hopefully this serves as a warning for those who have opened their iPhones using a security hole in the system and installed unverified software without a second thought," wrote F-Secure chief research officer Mikko Hyppönen.

"This time it was an 11 year-old playing with XML files who created the Trojan. Next time it might be someone with more skills and specific targets."

See also:

Apple iPod Touch
iPod Touch 'not just a cut-down iPhone'
Under-the-hood analysis reveals fundamental differences  19 Dec 2007
2007 Review of the Year
2007 Roundup: iPhone calls the tune for Apple
Apple mobile takes the industry by storm  24 Dec 2007
Apple iPhone
iPhone tops 2007 Google search list
Technology dominates global top 10  17 Dec 2007

All Hacking

Like this story? Spread the news by clicking below:

Post this to Delicious del.icio.us    Post this to Digg Digg this    Post this to reddit reddit!

Permalink for this story
R E A D E R   C O M M E N T S
Post your comment Post your comment   What is this?

M A R K E T P L A C E
Sponsored links
F E A T U R E D   J O B S
Analyst - Network & Telecoms
(Poole, Bournemouth, Dorset, Hampshire), United Kingdom | RNLI
Analyst - Network & Telecoms - £35,000+ - Poole, Bournemouth, Dorset, Hampshire Our data and voice network team's impact on the organisation is considerable. And with something in the region of 5,000 direct users connected ... more >
PMO Support Analyst
Telford, Shropshire, United Kingdom | EDS
EDS are currently looking to recruit a PMO Support Analyst to join our Project Management Defence team in Telford, Shropshire. Summary: Within DII Service Management. To perform the PMO function for SM Service Introduction. This ... more >
Workstream Lead Requirement, Design, Build and Test (Business Analyst)
Sandiacre, Nottinghamshire, United Kingdom | NHS Midlands
Workstream Lead Requirement, Design, Build and Test (Business Analyst) Strategic IM&T - Delivery   Band 7:      £29,091 - £38,352 per annum Hours:       37.5 per week Base:         Octavia House, Sandiacre Job Ref:     973 - 080810   ... more >
I.T Technical Specialist
Inverness, United Kingdom | NHS Scotland
CORPORATE SERVICES E-HEALTH DEPARTMENT  RAIGMORE HOSPITAL INVERNESS TECHNICAL DEVELOPMENT TEAM IT TECHNICAL SPECIALIST  £24,103 to £32,653 PA An exciting opportunity has arisen to join the technical development team within the eHealth Department. We are looking ... more >
More job opportunities

Useful links: About us . Privacy policy . Terms & conditions . Site map . Bookmark this site . Advertise
Consumer Technology websites:
Active Home Product reviews, competitions, news
Computeractive Software reviews, hardware reviews, buyers' guides, workshops, downloads
Gizmodo the daily gadget blog: technology news and reviews
PC Magazine your personal guide to technology
PCW software product reviews, hardware product reviews, buyers' guides, competitions
WebAct!ve what's happening on the web
What PC? helping you purchase the right computer, digital camera, peripherals, gadgets and more
Blogs:
Test Bed The PCW Labs blog, PCW Inter@ctive A reader blog from PCW. Your views, your comments, your say, Windows Watch Keeping an eye on the latest XP % Vista news
Jobs & Recruitment websites:
Accountancy Age Jobs Accountant jobs, jobs in finance, audit jobs, cima jobs, acca jobs, corporate finance jobs, management accounting jobs, finance director jobs, finance recruitment agency directory, Top 50 accountancy firms, accountant salary survey
Computing Careers IT jobs, Programmer jobs, Developer jobs, IT manager jobs, Project manager jobs, SAP jobs, Oracle Jobs, Java Jobs, IT recruitment agency directory, Top IT Employers 2005
Inquirer Jobs Software Engineer Jobs, firmware developer jobs, electronics engineer jobs
Other titles in the Incisive Media network:
Business Technology websites: BusinessGreen . Computing . Computing Business . CRN . The Inquirer . IT Week . vnunet.com
Business & Finance websites: Accountancy Age . Best Practice . Financial Director . Management Consultancy
© Incisive Media Ltd. 2008
Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503