iPhone virus or spyware "80-90% likely", says security expert

Send to a friend Print

Help more people find out about this story

Del.icio.us
StumbleUpon

David Flynn14 November 2007, 5:04 AM

It's only a matter of time before malicious software targets the iPhone, which could trigger a wave of mobile malware - with made-for-Mac viruses, spyware and more all soon to follow.


Apple's reputation for bullet-proof security could soon be blown away, with the most high-profile attack targetting its coolest device - the iPhone.

An iPhone virus, spyware or other piece of malicious software is almost inevitable. "It's 80-90% likely that we will see malware targetting the iPhone" predicts Runald, Security Response Manager for F-Secure Security Labs.

The fact that iPhone fans can so quickly crack Apple updates which are supposed to re-assert Apple's control over the device should be warning enough, Runald says. It's essentially ‘proof of concept' that an iPhone virus could easily be unleashed.

"The 1.1.2 firmware was released last week and was supposed to prevent people from running third-party software, but it took only a few hours for the hacking community to break so they could run their third party applications again. And if you can run third-party applications, you can run viruses."

Ironically, the same ‘jailbreak' techniques which are being used to unlock the iPhone from a parent network and allow it to run innocent third-party applications, can be used by hackers to push nefarious malware onto the iPhone.

Hacked: the same techniques used to unlock the iPhone and run third-party apps could also inject malwareHacked: the same techniques used to unlock the iPhone and run third-party apps could also inject malware
"What they're doing is they're breaking out of the iPhone's secure mode, (which) is that you're not allowed to venture outside of the UI" explains Runald.

"You're not supposed to access the file system, you're not supposed to modify files unless it's through the UI, you're not supposed to run any application that hasn't been developed by Apple and shipped by Apple. So to unlock the phone they're breaking the shield to install an unlocking application to take away the SIM lock. And once you're out of the shield, you can do anything."

Things could get both better and worse in February next year, when Apple officially opens the iPhone to third-party software and releases an iPhone SDK (software developer's kit) for programmers.

"The iPhone is currently closed, which is in the iPhone's favour against malware, although that will change in February when Apple ships its SDK so anyone can develop applications for it, including malware. But when they ship the SDK we might develop anti-virus and security software to protect the iPhone, which we can't do today. If there will come a virus for the iPhone tomorrow, there's nothing you can do except trust Apple to fix it for you".

The almost inevitable arrival of malware on the iPhone could presage the spread of similar software onto the Mac, which of course has been long promoted - especially to mainstream users and newcomers to the word of Apple - as a ‘safer' and more secure alternative to Windows.

Patrik Runald: although an iPhone attack is almost inevitable, the first will be done for bragging rights – but more malicious software will followPatrik Runald: although an iPhone attack is almost inevitable, the first will be done for bragging rights – but more malicious software will follow
"If you think about it, the iPhone is a stripped-down Macintosh" Runald points out. "It runs a stripped down version of OS X, and it can run pretty much a lot of the things that you can run on your Mac. Now that the Macs are becoming so popular and normal people are buying Macs, the bad guys are starting to target it because it's becoming a platform that's big enough, with enough unsuspecting users".

Industrious hackers could even use the Mac to load software onto an iPhone, or vice versa. "Because (the iPhone runs) pretty much the same operating system, we're going to see more malware targetting both. It's very closely connected to Macs, the Macs are growing in popularity, so we will start to see more Mac malware in the very near future, especially once the iPhone goes global".

However, Runald says it will be more challenging to write malware for the iPhone than a regular Mac desktop or laptop. "I'd say its probably harder, because it doesn't have all the (Mac OS X) features."

But that challenge will undoubtedly be part of the appeal, and Runald believes the very first iPhone malware won't be all that malicious, certainly not to the extent of what we're seeing on Windows and with global botnets. "It will be written by a teenager, for the challenge and also because it's the iPhone. It's so cool and it's getting lots of hype". 

David Flynn visited the F-Secure Security Lab in Kuala Lumpur as a guest of F-Secure


Post your comment



Comments

 RSS feed Email alert

dragonmeister:

Welcome to the wonderful world that is Microsoft.
The larger you become ... The bigger the target you carry on your back.

29 February 2008, 8:32 PM (10 months ago)report abuse Send to a friend reply

AJ:

FUD as usual. The iPhone runs the same OS as a Mac sans certain services, so why "suddenly" will the iPhone open up the flood gates for Malware and other undesirable applications? Breaking into the OS from the device and actually getting something onto it remotely, are two completely different things. One again, the installation of anything on these "broken" phones will still require the user to do so and if they are savvy enough to jailbreak their phones I would expect they'd be savvy enough to know when they're installing crap onto it.

Mac OS X is note infallible by any means. Any piece of software can be hacked. Some easier than others, but to thumb suck a figure to get more readers is despicable. Not to mention poor old Joe public who doesn't know any better getting his knickers in a twist over a non-issue. A non-issue purely because we have yet to see any of these so called waves of attack on the Mac OS everyone has been prophesying for years!

Right now, FSecure is doing what every other capitalist in the world would do, trying to expand their market. Try doing it ethically though without making dubious statements and maybe, just maybe you'll have a little credibility.

29 February 2008, 8:49 PM (10 months ago)report abuse Send to a friend reply

Anonymous1:

i agree FUD, people hacking onpen their iphones on purpose to manually install 3rd party apps is worlds apart from a virus, and there will be even less jailbreaking once the official apps start being released, its true it might be a bigger target than the mac over time but not much to gain really compared to a virus to a desktop computer.

29 February 2008, 8:49 PM (10 months ago)report abuse Send to a friend reply

Scott:

FUD +1
Most of the iPhone's users are using it as Apple intended, ie. not going beyond the UI as this "security expert" put it. And, if you're jailbreaking your phone, you're a techie, not an average consumer that's unaware of the risks and the need to be careful when installing 3rd party applications onto a device. So his guesses, which is what they are, are BS at least until the SDK, and he has no idea of the measures that Apple are going to use to protect the SDK and the device from rogue, probably unsigned, programs.

He just wants to scare people into thinking they need the Norton treatment, and his company will be there with the expensive program to make your iPhone run like crap.

29 February 2008, 8:49 PM (10 months ago)report abuse Send to a friend reply

Andrew Neesley:

You're an idiot. Congrats on your pageviews. I do not hope you can make a career out of misleading statements.

29 February 2008, 8:32 PM (10 months ago)report abuse Send to a friend reply

NPE:

"it will be more challenging to right malware for the iPhone"

Do you mean "write" by any chance, APC.

As for the article, it sounds highly speculative to me. I think more mobile malware may be in the offing, but I don't see it will necessarily target the iPhone. F-Secure only says it will because the iPhone is newsworthy, so it gets them more headline.

As for: "it can run pretty much a lot of the things that you can run on your Mac." ... Hmmm. Try it. AFAIK, the iPhone runs on an ARM processor -- perhaps someone should have told Mr Runald that. For starters *none* of the applications on a Mac would run on that, since they're compiled for PPC and Intel x86 processors not for ARM.

I think this is a case of F-Secure trying to whip up fear to push sales of their products. It stinks.

29 February 2008, 8:32 PM (10 months ago)report abuse Send to a friend reply

Anonymous Coward:

FUD FUD FUD.

There are no wild viruses for Mac OS X. And we're to believe that a "stripped down" version will somehow be more vulnerable?

Would Mr. Runald care to explain how you jailbreak an iPhone without having it in your hand? How that software suddenly jumps onto the iPhone all by itself?

What really makes this post galling is that F-Secure doesn't even offer products for Mac OS X. So not only are they blowing smoke and using mirrors, they have absolutely no expertise, experience or believability.

Talk about an article designed to pander to the FUD crowd and generate page hits... Troll, troll, troll. I expect better from APC.


29 February 2008, 8:32 PM (10 months ago)report abuse Send to a friend reply

John Baro:

Now that "normal" people are buying Macs?!?!? Exactly who was buying Macs before?

29 February 2008, 8:32 PM (10 months ago)report abuse Send to a friend reply

MacDoc:

What a bald headed DICK....more FUD from someone who wants to sell more protection software and troll for HITS....Lions and Tiger and Beares oh NO!!! Someone help Apple!!! The Wizard will fuck-up the iPhone......I think I'll wate for the Zune phone....NOT!!!!

29 February 2008, 8:32 PM (10 months ago)report abuse Send to a friend reply

george:

Who is this self serving Patrik Runald, Security Response Manager for F-Secure Security Labs anyway?
Let's see...they have no Mac work now, they're not likely to get any face time soon in the Mac community, they're irrelevant and unlikely to become relevant anytime soon.
The only time anyone hears of this F-Secure is when they forecast doom and gloom into what is normally a nice Mac based ecosystem.
This guy picks the only product with any press and somehow injects himself and his company of unknowns right into it as if they actually had any part in any dialog.
Losers and going forward...unknowns.

29 February 2008, 8:32 PM (10 months ago)report abuse Send to a friend reply

Derek Currie:

I posted this reply to the summary of this FUD over at MacDailyNews. I thought I'd share here as well. Enjoy:

The FUD tradition against Apple products continues. (Fear, Uncertainty and Doubt is a prehistoric method of propaganda). You'd think they'd get the clue. Symantec made two anti-Mac security FUD attacks in 2005. Utter failures. McAfee followed with their own FUD attack late that year. Utter failure. Then the CEO of McAfee, in a total turn around, suggested that anyone with brains should dump their Windows box in favor of a Mac simply for the sake of SECURITY. This past year we had a flood of FUD from the hacker community. Thankfully none of them wrote anything malicious and Apple were up to the task of eradicating all the vulnerabilities they found. Then last week we were supposed to be shaking in our well-healed Mac user boots about the porno Trojan out in the wild for Macs. Yeah. I'm scared. But at least this does help waken people up to the fact that NO operating system is ever invulnerable or perfect.

Here is some FUD: Anti-Mac bigots and marketing morons like F-Secure have an 80-90% chance of making fools of themselves by making stoopid predictions about Apple product security.

I hope I make them wet their pants and shiver in ((((FEAR)))).

;-Derek


29 February 2008, 8:32 PM (10 months ago)report abuse Send to a friend reply

dragonmeister:

It's a Capitalist World ....
I don't blame anyone wanting to drum up business.
But what I have noticed since my foray into these forums is that you Apple fanboys are just so sensitive when it comes to criticism of ANY Aplle/Mac products. If this had been a Microsoft product, it would have copped a battering from the likes of you guys for being a piece of crap filled with security holes !!! ... But because it is an Apple toy, you guys are blaming everybody but Apple. Clear your heads of the vicious bigotry you hold onto so dearly and accept that the Windows and Mac camps have their places in the advancement of the human race. I use a Mac at work for publishing and editing and would not even consider going to Windows .... But there is no way I would (or could) play Battlefield 2 online with a Mac ( ... and NO, running in windows mode with a Mac is a nightmare with game lag)
So chill out and understand that both camps are not infallible.

29 February 2008, 8:32 PM (10 months ago)report abuse Send to a friend reply