RealTime IT News

First iPhone Malware Found

The US Computer Emergency Response Team (US-CERT) has issued a warning that a fraudulent iPhone upgrade is making its way around the Internet and users should not be fooled into installing it.

A package called "iPhone firmware 1.1.3 prep," which described itself as "an important system update. Install this before updating to the new 1.1.3 firmware" is floating around on the Internet. The fact it does not come from Apple is clue #1 that something is wrong.

"This Trojan claims to be a tool used to prepare the device for an upgrade to firmware version 1.1.3," the US-CERT advisory said. "When a user installs the Trojan, other application components are altered. If the Trojan is uninstalled, the affected applications may also be removed."

The iPhone is expected to receive a firmware upgrade to version 1.1.3, probably to coincide with the Macworld Expo next week. There is no official word from Apple on any upgrade, but the company is known for keeping its cards close to the vest.

Symantec's security team has also examined the virus and written its own alert. It said that while the bogus "prep" utility doesn't do much damage, it does overwrite some of the phone's utilities.

"This is technically the first Trojan horse seen for the iPhone, however it does appear to be more of a prank than an actual threat … Nevertheless, iPhone users should exercise caution regarding the packages they choose to install on their phones," wrote Symantec researcher Orla Cox.

And the first rule of caution with the iPhone is if a piece of software doesn't come from Apple, be sure it's from a trusted source. There have been numerous attempts at cracking the iPhone protections to install software not approved for use by Apple or AT&T.