First iPhone Trojan Spotted

The first warnings about the Trojan were posted on Saturday on the iPhone modification forum ModMyiFone.com, said security vendor F-Secure. When installed, the Trojan appeared to do nothing more than display the word "shoes", according to the ModMyiFone post.

However, when a user attempted to uninstall the malicious code, the application wiped files from the /bin directory, breaking "Erica’s Utilities" such as sendfile. Erica’s Utilities are a collection of command-line utilities for the iPhone, according to security vendor Symantec, which warned on Monday that the Trojan also overwrites OpenSSH, an open-source encryption protocol.

The Trojan, known as "iPhone firmware 1.1.3 prep", or "113 prep", is the first to be seen in the wild, according to Symantec.

[Source f-Secure]

---

Leave a comment

Name (required)

E-mail (required)

URI

Your Comment

Notify me of followup comments via e-mail