Last year we witnessed the first infection that affected devices based on the iPhone operating system, it was the worm iPhone/Eeki. We wrote a blog post explaining how the worm worked, and prepared a video where you could see how it was infected and how it was distributed from an iPhone to an ipod Touch.
As we commented then, this is just a proof of concept and doesn´t mean that we are going to see a wave of malware for the iPhone. In fact, it only works in the iPhone that have been modified to be able to install Apple applications without using the App Store.
The truth is that this platform has become very popular, but we haven’t still seen any wave of malware, and it is likely to continue like this. Why? Apple has decided to control all the platform thoroughly: closed in hardware (no hardware piece can be added, even a simple memory card) and in software (all the applications are installed through the Apple App Store, and in order to be there, they must be previously approved.)
Does this mean that there won’t be malware for iPhones that can bypass the Apple filters? Not at all, we’ll see some cases, though they will be isolated. Are there other ways to infect the iPhone? Yes, above all using vulnerabilities. Having not supported Flash may have helped, but as HTML5 is becoming more popular, which is supported by the iPhone through the Safari browser, we’ll see more attacks. Right now all the hacker community is fuzzing looking for new security holes in HTML5, something “ideal†for the cybercrooks, as it can be used to launch an attack regardless of the platform that the victim uses (iPhone, Windows, Linux, OSX, etc.)
And what has all this to do with the iPad? Well, as you know, since Apple has launched its table, it has sold more than 3 million units in 80 days. Currently they don’t have them in stock, and if you buy one, it is directly sent from their factory of Shenzhen in China, once it has been made. And I’ve bought one, which I have just received, and it has made the journey Shenzhen –> Bangkok –> Mumbai –> Cologne –> Madrid –> Valle de Trápaga –> My home 🙂
The iPad shares the philosophy with the iPhone in hardware and software, and besides they have the same operating system, known as iPhone (v3), which from the next version on it will be called iOS (v4). Therefore, if we jailbreak the iPad, in theory we should be able to infect it. No sooner said than done, from Gorka RamÃrez and Fran Berenguer’s hands, the authors of the previous video, we have repeated the operation, this time trying to infect the iPad from an iPhone. I’ve hurried them to do it, as if the process took a lot o f time, I would have to give back Enrique Aguilera’s iPad, which has been the guinea pig, and lend mine, so that they could experiment with it 😉
Sean-Paul has made a great edit of the video, and this is the result of the infection attempt:
Just as it was predictable, iPhone/Eeki works as well as in the iPad. This doesn’t mean that we are going to see a wave of malware for this device, though its increasing popularity make cybercrooks not lose sight of it.
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
5 comments