iPhone virus or spyware “80-90% likely”, says security expert

Apple’s reputation for bullet-proof security could soon be blown away with the most high-profile attack targetting its coolest device – the iPhone.

An iPhone virus spyware or other piece of malicious software is almost inevitable. “It’s 80-90% likely that we will see malware targetting the iPhone” predicts Runald Security Response Manager for F-Secure Security Labs.

The fact that iPhone fans can so quickly crack Apple updates which are supposed to re-assert Apple’s control over the device should be warning enough Runald says. It’s essentially ‘proof of concept’ that an iPhone virus could easily be unleashed.

“The 1.1.2 firmware was released last week and was supposed to prevent people from running third-party software but it took only a few hours for the hacking community to break so they could run their third party applications again. And if you can run third-party applications you can run viruses.”

Ironically the same ‘jailbreak’ techniques which are being used to unlock the iPhone from a parent network and allow it to run innocent third-party applications can be used by hackers to push nefarious malware onto the iPhone.

Hacked: the same techniques used to unlock the iPhone and run third-party apps could also inject malware

“What they’re doing is they’re breaking out of the iPhone’s secure mode (which) is that you’re not allowed to venture outside of the UI” explains Runald.

“You’re not supposed to access the file system you’re not supposed to modify files unless it’s through the UI you’re not supposed to run any application that hasn’t been developed by Apple and shipped by Apple. So to unlock the phone they’re breaking the shield to install an unlocking application to take away the SIM lock. And once you’re out of the shield you can do anything.”

Things could get both better and worse in February next year when Apple officially opens the iPhone to third-party software and releases an iPhone SDK (software developer’s kit) for programmers.

“The iPhone is currently closed which is in the iPhone’s favour against malware although that will change in February when Apple ships its SDK so anyone can develop applications for it including malware. But when they ship the SDK we might develop anti-virus and security software to protect the iPhone which we can’t do today. If there will come a virus for the iPhone tomorrow there’s nothing you can do except trust Apple to fix it for you”.

The almost inevitable arrival of malware on the iPhone could presage the spread of similar software onto the Mac which of course has been long promoted – especially to mainstream users and newcomers to the word of Apple – as a ‘safer’ and more secure alternative to Windows.

Patrik Runald: although an iPhone attack is almost inevitable the first will be done for bragging rights – but more malicious software will follow

“If you think about it the iPhone is a stripped-down Macintosh” Runald points out. “It runs a stripped down version of OS X and it can run pretty much a lot of the things that you can run on your Mac. Now that the Macs are becoming so popular and normal people are buying Macs the bad guys are starting to target it because it’s becoming a platform that’s big enough with enough unsuspecting users”.

Industrious hackers could even use the Mac to load software onto an iPhone or vice versa. “Because (the iPhone runs) pretty much the same operating system we’re going to see more malware targetting both. It’s very closely connected to Macs the Macs are growing in popularity so we will start to see more Mac malware in the very near future especially once the iPhone goes global”.

However Runald says it will be more challenging to write malware for the iPhone than a regular Mac desktop or laptop. “I’d say its probably harder because it doesn’t have all the (Mac OS X) features.”

But that challenge will undoubtedly be part of the appeal and Runald believes the very first iPhone malware won’t be all that malicious certainly not to the extent of what we’re seeing on Windows and with global botnets. “It will be written by a teenager for the challenge and also because it’s the iPhone. It’s so cool and it’s getting lots of hype”. 

David Flynn visited the F-Secure Security Lab in Kuala Lumpur as a guest of F-Secure