Mobile & Wireless is an Independent Blog Concerning Various Information, My Thoughts, Ideas, and Sometime Critics on ICT, Internet, Mobile, Wireless, and Data Communication Technology

iPhone Major Hacker Target in 2008

Researchers at Arbor Networks are predicting the iPhone will be the subject of serious attacks from hackers in 2008. Hackers already broke Apple's security system in 2007, but Arbor Networks predicts that hackers are attracted to attacking Apple users and to becoming the first to hack a new platform.

The attacks, they say, will likely take the form of malware embedded in photos or video. Until its latest update, the iPhone was vulnerable to such attacks through a bug in its handling of TIFF images. Previous versions of Apple's firmware used a version of the libtiff library that was susceptible to buffer-overflow attacks.

"2007 was the year of the browser exploit, the data breach, spyware, and the storm worm," the Arbor report said. "We expect 2008 to be the year of the iPhone attack, the Chinese Hacker, P2P network spammers, and the hijacking of the Storm botnet."

Apple's release of a software development kit for the iPhone in 2008 could unleash a host of attacks, and AT&T and all WiFi networks in range could be the next target, noted Andrew Storms, director of security operations for nCircle Security.

The prediction is hardly a risky one, said Storms. "Predicting a higher rate of attacks on the iPhone is like saying there will be more people trying to hack Leopard in 2008," he wrote in an e-mail.

"This is an obvious direction for the hacking community," he added. "Those who hack for good or bad are always interested in the newest target and even better is a new target with a large install base."

But, things will change in 2008, Storms said, especially with Apple's release of a software development kit for the iPhone. "Once the SDK releases, everyday users will be installing third-party applications without having to risk an iBrick," he said, referring to the fact that uses who installed unlocking software found their phones were inoperative after an Apple firmware upgrade.

"The tools and methods which Apple integrates into the iPhone to protect users from malware developed with the SDK is what will be getting significant attention in 2008," he said, predicting that AT&T and all Wi-Fi networks in range of the iPhone will be the next target.

"Imagine a successful mobile worm that distributes itself over both cellular and WiFi," he said. "That's a day that security professionals have been worrying about for years." [FierceBroadbandWireless]

0 people have left comments

Commentors on this Post-