View Full Version : Beware the remote iPhone hackers...



moldor
20th December 2008, 11:28 PM
Like many of us I've installed heaps of apps, both AppStore and Cydia and one of the most useful is Veency, the VNC server.

Using it means I can work on a "virtual" iPhone on my desktop and leave the phone in my bag / dock / charging station next to the bed and not have to worry about the less-than-perfect keyboard on it, etc...

So I get some beeps from it about 3am this morning and, thinking it's some alerts from work (I'm on-call 24/7) I ignore them (hell, I'm on holidays !!), and only after awaking at the civilised time of 11:30am do I see the following;

http://macinations.net/files/images/vnc_connection.png

Doing some tracking reveals that the little shit is in PARAGUAY !! Tracked his IP back to a Telco there who, when threatened (in Google-translated Spanish) with La Policía caved in faster than Kevin Rudd on an election promise.

I believe his ass is about to be kicked - if not, a little hacking of my own will be in order. I'm even tempted to put a cheap pre-paid SIM in the phone and accept the VNC connection next time, just to see what happens...

Be vewwy vewwy careful, people !!!

decryption
20th December 2008, 11:30 PM
That's crazy, but not so far fetched at the same time.
When do we see iPhone firewalls? :D

moldor
20th December 2008, 11:34 PM
That's crazy, but not so far fetched at the same time.
When do we see iPhone firewalls? :D

Indeed - apparently the IP address is part of the DHCP pool for his Telco, so there's no guarantee that he'll have it even now... I've done a stealth port-scan of his machine, and not found anything vulnerable yet.

I'm going to disable WiFi on the iPhone tonight and see if he tries again over the cell network (VERY doubtful, but then again my iPhone is on the secure side of a VERY secure router and firewall).

Jon

P.S. Or is this something else that the script-kiddies will start playing with ?

Buthidae
21st December 2008, 02:18 PM
I can see the next level of botnet spam now - automated telemarketer calls, from YOUR phone! :o:D

haydio
21st December 2008, 02:40 PM
The same thing happened to me the other week! I didn't worry too much after I declined it.

Piratbyran
21st December 2008, 02:45 PM
Remember to change your ssh passwords guys, remember that on a public wifi, you are a free target.

melted.marsbar
21st December 2008, 03:55 PM
Remember to change your ssh passwords guys, remember that on a public wifi, you are a free target.

On that note, will it affect any other apps if the SSH password is different? And if we forget our SSH password (unlikely, but possible) would it hinder use of our phones?

mac_man_luke
21st December 2008, 03:59 PM
Indeed - apparently the IP address is part of the DHCP pool for his Telco, so there's no guarantee that he'll have it even now... I've done a stealth port-scan of his machine, and not found anything vulnerable yet.

I'm going to disable WiFi on the iPhone tonight and see if he tries again over the cell network (VERY doubtful, but then again my iPhone is on the secure side of a VERY secure router and firewall).

Jon

P.S. Or is this something else that the script-kiddies will start playing with ?

When your iPhone is in standby it disables wifi if not plugged in to power

you won't get connections like that behind a router

99% chance it's just kiddie scripts