Results 1 to 8 of 8
Discuss iphone infected at the iPhone 3GS - Hackint0sh.org; hi all i keep getting this msg that my iphone 3GS is infected... any idea ...
  1. #1
    Newbie Array

    Join Date
    Oct 2009
    Posts
    9
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    0

    Default iphone infected

    hi all i keep getting this msg that my iphone 3GS is infected... any idea whats going on??



  2. #2
    Super Moderator Array Olethros's Avatar

    Join Date
    Sep 2007
    Location
    Norway
    Posts
    8,360
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    439

    Default

    Are you jailbroken? Have you changed your root password from the default alpine?

    You could have a worm, there are at least three worms now in existence, one of which is harmful. They all rely on you having jailbroken and not having changed the default password afterwards.
    Please read the stickies & search forum before posting!
    How to report an iTunes restore/update fail in a useful manner
    -

    iPad 3G 64GB (4.3.3, Redsn0w) oldest SHSH 3.2.2
    iPhone 4 32GB (4.2.1, Redsn0w JB-monte) oldest SHSH 4.1
    iPhone 3GS 32GB (4.3.3; Pwnagetool) factory unlocked oldest SHSH 3.1
    iPhone 8GB (3.1.3; Pwnagetool) AT&T Locked - Unlocked with bootneuter

    -
    Did we solve your problem? Got a dollar or two spare ? Donate!

  3. #3
    Newbie Array

    Join Date
    Oct 2009
    Posts
    9
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    0

    Default

    yea the phone is JB... and no i havent changed any passwords... how do i do that?? and will i have to JB the phone again to get rid off the worm... thnx in advance... i live in australia... i read on the net that aus users were the first once to get hit... so aus users beware ... and couple of days ago i gotta msg from optus saying that my iphone is JB and that i should contact them asap.. how the hell did they find out? would suorise me if big companies like optus created those worms to stuff us up... because obviously they are losing $$$...

  4. #4
    Super Moderator Array Olethros's Avatar

    Join Date
    Sep 2007
    Location
    Norway
    Posts
    8,360
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    439

    Default

    Quote Originally Posted by Serbsta View Post
    yea the phone is JB... and no i havent changed any passwords... how do i do that?? and will i have to JB the phone again to get rid off the worm... thnx in advance... i live in australia... i read on the net that aus users were the first once to get hit... so aus users beware ... and couple of days ago i gotta msg from optus saying that my iphone is JB and that i should contact them asap.. how the hell did they find out? would suorise me if big companies like optus created those worms to stuff us up... because obviously they are losing $$$...
    The worm in Oz is pretty innocuous, the one in the Netherlands is trying to trick you into giving up your banking details.

    You also had to have SSH installed on your iPhone.
    Don't know why Optus thinks your iPhone is jailbroken. Have you hacked tethering on? Are you on a non-iphone plan? Otherwise I doubt there is much they can do or care about jailbroken iPhones?
    Please read the stickies & search forum before posting!
    How to report an iTunes restore/update fail in a useful manner
    -

    iPad 3G 64GB (4.3.3, Redsn0w) oldest SHSH 3.2.2
    iPhone 4 32GB (4.2.1, Redsn0w JB-monte) oldest SHSH 4.1
    iPhone 3GS 32GB (4.3.3; Pwnagetool) factory unlocked oldest SHSH 3.1
    iPhone 8GB (3.1.3; Pwnagetool) AT&T Locked - Unlocked with bootneuter

    -
    Did we solve your problem? Got a dollar or two spare ? Donate!

  5. #5
    Newbie Array

    Join Date
    Feb 2008
    Posts
    9
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    0

    Default

    Does anyone have any idea how the worm could enter iPhone system?

    They say, we need to restore our iPhone to remove the worm. Does it mean we can't backup the data afterward?


  6. #6
    Super Moderator Array Olethros's Avatar

    Join Date
    Sep 2007
    Location
    Norway
    Posts
    8,360
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    439

    Default

    Quote Originally Posted by dhimoet View Post
    Does anyone have any idea how the worm could enter iPhone system?

    They say, we need to restore our iPhone to remove the worm. Does it mean we can't backup the data afterward?
    Apple - same passwords for each iPhone, normally no risk as system is locked down
    Network carrier - some carriers allow mobile devices to scan and connect to other mobile devices via IP over 3G/2G.
    User - Jailbreak - make system partition read/write, allow unsigned apps to run
    User - Open SSH - installed from Cydia, allow access to iPhone via network (wifi & 3G/2g)
    User - does not change root password.
    ork)

    So it requires 3 user activities to be vulnerable, if the user changes their password and the network carrier does not allow mobile devices to see/scan/connect each other over 3G you are safe from this worm
    Last edited by Olethros; 11-27-2009 at 07:00 AM.
    Please read the stickies & search forum before posting!
    How to report an iTunes restore/update fail in a useful manner
    -

    iPad 3G 64GB (4.3.3, Redsn0w) oldest SHSH 3.2.2
    iPhone 4 32GB (4.2.1, Redsn0w JB-monte) oldest SHSH 4.1
    iPhone 3GS 32GB (4.3.3; Pwnagetool) factory unlocked oldest SHSH 3.1
    iPhone 8GB (3.1.3; Pwnagetool) AT&T Locked - Unlocked with bootneuter

    -
    Did we solve your problem? Got a dollar or two spare ? Donate!

  7. #7
    Newbie Array

    Join Date
    Feb 2008
    Posts
    9
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    0

    Default

    Thanks Olethros. How about my last question? If it is infected, can we restore from backup after we clean via iTunes?

    Actually, mine is not infected. It is good to know for future reference.

  8. #8
    Super Moderator Array Olethros's Avatar

    Join Date
    Sep 2007
    Location
    Norway
    Posts
    8,360
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    439

    Default

    Quote Originally Posted by dhimoet View Post
    Thanks Olethros. How about my last question? If it is infected, can we restore from backup after we clean via iTunes?
    I would recommend not to restore from backup after restoring the OS via iTunes. Have not tested this. It is a general recommendation to avoid restoring from backup when troubleshooting as this can just bring back the problem you are trying to get rid of.

    For the worm, you would need to both jailbreak and restore from backup before it could be theoretically reactivated.
    Please read the stickies & search forum before posting!
    How to report an iTunes restore/update fail in a useful manner
    -

    iPad 3G 64GB (4.3.3, Redsn0w) oldest SHSH 3.2.2
    iPhone 4 32GB (4.2.1, Redsn0w JB-monte) oldest SHSH 4.1
    iPhone 3GS 32GB (4.3.3; Pwnagetool) factory unlocked oldest SHSH 3.1
    iPhone 8GB (3.1.3; Pwnagetool) AT&T Locked - Unlocked with bootneuter

    -
    Did we solve your problem? Got a dollar or two spare ? Donate!

 

 

Similar Threads

  1. Bought a hackintosh, may be infected by keylogger
    By VanHouten in forum OSX Security
    Replies: 2
    Last Post: 10-25-2011, 12:46 AM
  2. Replies: 0
    Last Post: 07-14-2011, 02:10 AM
  3. Replies: 0
    Last Post: 03-06-2011, 04:50 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Powered by vBulletin®
Copyright © 2014 vBulletin Solutions, Inc. All rights reserved.
Search Engine Friendly URLs by vBSEO
(c) 2006-2012 Hackint0sh.org
All times are GMT +2. The time now is 03:11 AM.
twitter, follow us!