Malware Secretly Copies Private iPhone Data

Only days after the ikee worm was unleashed on Australian iPhone users a tool has been discovered that steals private data from jailbroken iPhones. iPhone/Privacy.A is a malware tool that runs on computers (or on an iPhone) and scans the Wi-Fi network for vulnerable iPhones.

After discovering and accessing the devices in range it copies all private data including SMS messages, videos, email, calendars, music, photos and all other app data to the computer. The program does all this without ever making the iPhone user aware of its intrusion.

Only jailbroken iPhones that are running SSH with the default root password are vulnerable to the attack. The best way to secure your jailbroken iPhone is to change the default root password immediately. Other solutions include removing the SSH package from your iPhone or turning off SSH.

No software is installed on the victim's iPhone during the process of data transfer. Intego's antivirus product VirusBarrier X5 will prevent a Mac from hosting the malware, although it can be installed on other platforms.

Intego estimates the number of jailbroken iPhones to be between 6-8 percent of all iPhones. Many iPhone users who have jailbroken their devices have neglected to change their root password to improve security.

iPhones that are not jailbroken are not at risk from iPhone/Privacy.A or any of the known ikee worm variants.