First iPhone Malware Found
January 11, 2008
It's mostly harmless, but future ones may not be.
The US Computer Emergency Response Team (US-CERT) has issued a warning that a fraudulent iPhone upgrade is making its way around the Internet and users should not be fooled into installing it.
A package called "iPhone firmware 1.1.3 prep," which described itself as "an important system update. Install this before updating to the new 1.1.3 firmware" is floating around on the Internet. The fact it does not come from Apple is clue #1 that something is wrong.
"This Trojan claims to be a tool used to prepare the device for an upgrade to firmware version 1.1.3," the US-CERT advisory said. "When a user installs the Trojan, other application components are altered. If the Trojan is uninstalled, the affected applications may also be removed."
Symantec's security team has also examined the virus and written its own alert. It said that while the bogus "prep" utility doesn't do much damage, it does overwrite some of the phone's utilities.