Remember how you've been hearing for years that cybercriminals would start targeting smartphones "soon"? Well, we've seen 2 iPhone worms this month alone. The first worm is "rickrolling" jailbroken iPhones in Austria Australia. The worm uses a simple hack to get a foothold on these iPhones: it is taking advantage of the fact that many users have installed SSH and have not changed the default SSH password on their phones. The second worm, which has been getting some press over the weekend, is taking advantage of the same hack and targeting ING bank customers in the Netherlands to redirect them to a phishing website.
As of August 2009, there were an estimated 13M iPhones in the US. 8.4% of these phones, or 1.1M, were jailbroken. That's a lot of phones. If you are part of that 1.1M and have SSH installed but have not changed the default SSH password, please please please do it now. Like take out your iPhone as you are reading this and follow the steps below now. Don't allow a script kiddie to mess with you or steal your data. Here's how to do it:
- Download the MobileTerminal from the Cydia Store if you don't already have it
- Launch MobileTerminal
- At the prompt type 'su root'
- You will be asked to enter the current root password to elevate your privilege. Enter 'alpine'
- Type 'passwd' to change the password
- You will be asked to enter the current root password. Enter 'alpine'
- You will be prompted to enter a new password. Enter a strong password that cannot be easily brute-forced
- Type 'exit' to exit the root account
- At the prompt type 'passwd' to change the password of the current user
- You will be asked to enter the current password. Enter 'alpine'
- You will be prompted to enter a new password. Again, enter a strong password that cannot be easily brute-forcedThat wasn't too hard, was it? Thanks for helping in the fight against malware.
Have a Happy Thanksgiving!