Hackers attack 'jail broken' iPhones

Discussion in 'iPod touch' started by gleesonger, Nov 24, 2009.

  1. gleesonger

    gleesonger New Member

    Joined:
    Nov 27, 2008
    Messages:
    40
    Likes Received:
    0
    Device:
    2G iPod touch
    The following is an article taken from the Irish Times which is in turn taken from Reuters.It concerns a worm which targets jailbroken devices and is intent on retrieving bank login information.I presume this is similar to the paypal virus which relies on the ssh password remaining unchanged.It may be an idea if the developers of Cydia\Rock\Icy requested that users change the default ssh password to prevent the spread of such viruses.To change your password ssh into the iPod and run "passwd", or this can also be run from the application terminal.

    Ger.
  2. kingcoolryan

    kingcoolryan Member

    Joined:
    Oct 13, 2009
    Messages:
    627
    Likes Received:
    0
    Device:
    iPad w/ 3G
    Is this only able to effect people,1. Haven't changed ssh password
    2. Don't have ssh?
  3. gleesonger

    gleesonger New Member

    Joined:
    Nov 27, 2008
    Messages:
    40
    Likes Received:
    0
    Device:
    2G iPod touch
    I would presume so, as so far all the viruses for the iPhone OS that I have seen exploit this vulnerability.
  4. kingcoolryan

    kingcoolryan Member

    Joined:
    Oct 13, 2009
    Messages:
    627
    Likes Received:
    0
    Device:
    iPad w/ 3G
    Sweet... Don't use ssh any more and when I read another thing like this on [PIRACY].us I changed my pass. Btw how is it put onto the device ?
  5. studangerous

    studangerous Super Moderator Emeritus Staff Member

    Joined:
    Dec 2, 2007
    Messages:
    5,975
    Likes Received:
    30
    Device:
    iPhone 4 (Black)
    change your SSH password from default 'alpine' to something more secure and you'll be fine.
  6. gleesonger

    gleesonger New Member

    Joined:
    Nov 27, 2008
    Messages:
    40
    Likes Received:
    0
    Device:
    2G iPod touch
    There are diffrent variants but basically check a range of ip address and check how many are running the ssh daemon with alpine as the roots password.The code is public so I'm guessing that there will plenty more to come .
  7. Cydiaia

    Cydiaia Banned

    Joined:
    Nov 10, 2009
    Messages:
    444
    Likes Received:
    1
    Device:
    iPhone
    Thanks for the info, just changed my password
  8. Ryanf

    Ryanf Member

    Joined:
    Nov 3, 2009
    Messages:
    319
    Likes Received:
    1
    Device:
    iPhone 3GS (Black)
    how do i change the pass through WINSCP? do i need anything apart from openSSH on my ipod touch?

    DOESNT MATTER NOW GUYS, CHANGED IT USING PUTTY, THANKS

    Please Register or Log in to view images

Share This Page