Daily cyber threats and internet security news: network security, online safety and latest security alerts
November 5th, 2009

Jailbroken Dutch iPhones Compromised, $5 Ransom Demanded From Users

Yesterday, a message popped up on the screens of a large number of automatically exploited Dutch iPhone users, demanding $4.95 for instructions on how to secure their iPhones and remove the message from appearing at startup. The message said: “Your iPhone’s been hacked because it’s really insecure! Please visit and secure your phone right now!”

Through a combination of port scanning and OS fingerprinting of T-Mobile’s 3G IP range, a Dutch teenager has for the first time automatically exploited a known security vulnerability introduced on jailbroken iPhones – the SSH daemon which unless modified remains running with default users root and mobile, using the same password on each and every device.

The now taken offline site was featuring the following message:

“Dear iPhone user,

Your iPhone is not secure. That’s the reason your visiting this page, isn’t it? Well you can pay me $4,95 at my paypal account [email protected], and I’ll mail you very easy instructions on how to secure your iPhone. You can also contact me at [email protected]

If you don’t pay, it’s fine by me. But remember, the way I got access to your iPhone can be used by thousands of others. And they can send text messages from your number (like I did..), use it to call (or record your calls), and actually whatever they want, even use it for their hacking activities! I can assure you, I have no intention of harming you or whatever, but, some hackers do! It’s just my advise to secure your phone (: Have a nice day!”

Following the media coverage, active discussions across popular Dutch IT forums, and the timely shut down of his PayPal account, the opportunistic and unethical pen-tester quickly changed his attitude and posted an apology followed by step-by-step guide on changing the default SSH password, which he was originally offering for a fee.

Credit: Security Blogs

Share this item with others:

More on CyberInsecure:
  • iPhone Worm Infects Devices And Redirecs Dutch Online Bank Users To A Phishing Site
  • iPhone 2.0 Unlocked Before The Release
  • SpyPhone iPhone App Can Silently Harvest And Email Personal Data
  • Researcher Finds Possible Flaw In Apple’s IPhone That Allows Shellcode On Unmodified Device
  • World’s First iPhone Worm Hits iPhone Owners In Australia

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Jailbroken Dutch iPhones Compromised, $5 Ransom Demanded From Users

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.