Phishing worm strikes i-Phones

BEIJING, November 24 (Xinhuanet) -- A new worm has been identified which redirects i-Phone users from a legitimate banking website to a counterfeit website potentially run by cybercriminals.

The worm which was identified by security experts at F-Secure, appears to be predominantly affecting Dutch iPhone users attempting to log on to their ING bank accounts on the device.

Users visiting the legitimate home page of the bank are unwittingly redirected to an imitation site by the worm, leaving them vulnerable to cybercriminals, who could capture their username and password and use the information to commit fraud.

So far only so-called "jailbroken" i-Phones have been identified as being vulnerable to the worm attack. "Jail-breaking" is a process whereby a user removes Apple's protection mechanisms in order to allow the use of non-Apple compliant software. However, by doing so it has left some users open to such attacks.

Up to 10 percent of all i-Phones and i-Pod touch devices are believed to have been tampered in this way.

Security experts at F-Secure warn that the worm could effectively turn infected i-Phones into a "botnet", a network of compromised computers which could be accessed or controlled by hackers or cybercriminals. The worm can be transferred from one jailbroken i-Phone to another if they are using the same wireless internet connection or hot spot according to F-Secure.

The discovery of the latest worm comes just weeks after the first ever i-Phone worm was discovered. That worm, written by Ashley Towns, "rickrolled" the i-Phone's owner by changing the phone's wallpaper to show a picture of pop singer Rick Astley and displaying the message "ikee is never going to give you up". The 21-year-old hacker said he had made the program to raise the issue of security.

While the Rick Astley worm was not particularly harmful it was a clear warning that other more malicious worms might follow. "The creator of the (Rick Astley) worm has released full source code of the four existing variants of this worm," Mikko Hypponen of security firm F-secure said at the time. "This means that there will quickly be more variants, and they might have nastier payload than just changing your wallpaper."

Hypponen's analysis appears to have been proved correct with the discovery of the first malicious i-Phone virus. "There's a clear financial motive behind it," Hypponen told the BBC. "It's fairly isolated and specific to the Netherlands, but it is capable of spreading."