Phony iPhone Upgrade Hides Malware - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Enterprise Applications
News
1/9/2008
05:31 PM
Connect Directly
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Phony iPhone Upgrade Hides Malware

Computer security experts say the "iPhone firmware 1.1.3 prep" is designed to dupe people into downloading it as the Macworld Expo show opens next week.

Your Apple iPhone could be infected with potentially malicious Trojan software because of a fake upgrade download, computer security officials with US-CERT warned Wednesday.

"This Trojan claims to be a tool used to prepare the device for an upgrade to firmware version 1.1.3," the US-CERT advisory said. "When a user installs the Trojan, other application components are altered. If the Trojan is uninstalled, the affected applications may also be removed."

The Trojan appears to be timed to exploit rumors that began in early December about new features in an upcoming iPhone firmware upgrade. Various online news sites and blogs cited a report published by CNET France that claimed an imminent iPhone update would feature a disk mode, for using the iPhone as a portable flash drive, and a voice recording mode.

Malware authors now regularly craft attacks that play off current news and events. The Storm worm, for example, initially spread through an e-mail message that made reference to what was in January 2007 a recent storm. With the Consumer Electronics Show this week and the Macworld Conference & Expo next week, malware masquerading as an iPhone upgrade will likely dupe more people than it would otherwise.

On Monday, Symantec identified the malicious software as "iPhone firmware 1.1.3 prep."

In a blog post, Symantec security researcher Orla Cox observes that installing the software doesn't appear to have much of an effect on the iPhone, but warned that uninstalling it could overwrite other iPhone applications.

"This is technically the first Trojan horse seen for the iPhone, however it does appear to be more of a prank than an actual threat," said Cox. "The impact of uninstalling the 'Trojan' would appear to be an unintended side effect. The risk to users is minimal as they would have to choose to install the bogus package and the site which was hosting it has now been taken offline. Nevertheless, iPhone users should exercise caution regarding the packages they choose to install on their phones."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
News
Think Like a Chief Innovation Officer and Get Work Done
Joao-Pierre S. Ruth, Senior Writer,  10/13/2020
Slideshows
10 Trends Accelerating Edge Computing
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/8/2020
News
Northwestern Mutual CIO: Riding Out the Pandemic
Jessica Davis, Senior Editor, Enterprise Apps,  10/7/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
[Special Report] Edge Computing: An IT Platform for the New Enterprise
Edge computing is poised to make a major splash within the next generation of corporate IT architectures. Here's what you need to know!
Slideshows
Flash Poll