| December, 2009 |  |
< Prev Page 3 Next > |
Worm turns iPhones into bots
A malicious Apple iPhone worm was released this weekend. It targets iPhone users who remove Apple's protection
mechanisms to allow their phones to run any software -- a process called jailbreaking.
The worm installs a botnet management program that gives the intruder the ability to use the iPhone just like
they would a botted Windows PC. Bad guys use botnets to spread spam, steal data and hijack online accounts. The worm
also changes the default password to make it harder for users to regain control, says Sophos researcher Paul Ducklin.
This comes less than two weeks after a 21-year-old Australian researcher, Ashley Towns, released the Ikee worm --
the prototype for this new type of attack. Towns cleverly changed the wall paper of iPhones he hacked to a picture
of 80s singer Rick Astley.
This weekend's attack proves, yet again, that cyber criminals are predictable as rain in Seattle. As soon as someone
-- even a braggart hacker -- comes up with a useful new method to exploit a popular system, profit-minded bad guys
inevitably will pounce.
Â
People crack open the locks on their iPhone operating system to subvert Apple's strictness about permitting only
AT&T phone service and corporate-approved apps. Security firm Intego estimates that 6% to 8% of iPhones are jailbroken.
Towns, the young Australian hacker, said he launched Ikee to underscore how most iPhone jailbreakers were too lazy to
change the default system password, making their iPhones trivial to hack.
Graham Cluley, Sophos senior analyst, notes that there has been a long history of "proof of concept" hacks evolving
quickly into more malicious attacks.
"The earlier Ikee worm wasn't written with an obvious financial motivation," says Cluely. "However, there is no doubt
that the author of Ikee helped the creators of this worm by releasing his source code, giving them a template upon which
to create their own more malicious attack."
Owners of jailbroken iPhones would be wise to also change their default root password -- if the worm hasn't already done
it for them.
"Leaving it in its default state is playing Russian Roulette with your data," says Cluely. "There will undoubtedly more
attacks attempting to take advantage of hackers gambling with the security of their jailbroken iPhone."
ARISS Antennas Installed on Columbus Module
On Saturday, November 21, the new ARISS VHF/UHF antenna as well as the Automatic Identification
System, or AIS, VHF antenna was installed on the ISS Columbus module during the second extravehicular
activity of the STS-129 mission. ARISS plans to move an onboard radio to the Columbus module to make
use of its new antenna. The other antenna will be used to support the AIS maritime experiment to help track
the passage of ships across the world's oceans.
FCC Issues First Waiver for Government-Sponsored Disaster Drill
On Tuesday October 27, the FCC's Wireless Telecommunications Bureau (WTB) granted the first waiver
that allows amateurs who participate in a government-sponsored emergency preparedness and disaster
drill to communicate on behalf of their employers during the drill. The waiver request was made on behalf
of the Commonwealth of Kentucky. That state conducted a full-scale exercise on Wednesday, October 28,
2009 from 8 AM-5 PM (EDT) to test their emergency response to the possible release of chemical agents
at Blue Grass Army Depot, located near Richmond, Kentucky.
7:15 PM, Pikesville Library, HOLIDAY PARTY, ELECTIONS!
| December, 2009 | |
< Prev Page 3 Next > |