F-Secure reports a trojan has been created for jailbroken (unlocked) iPhones. A trojan is simply an application that tricks users into installing it by promising something other than what it actually does when executed.
“The trojan installation package contains false application installation information that causes legitimate third party applications to be removed if the trojan is uninstalled from the iPhone,” F-Secure reports. “Web sites hosting the malicious package were taken offline soon after the discovery of the low-risk threat.”
F-Secure opines, “Hopefully this serves as a warning for those who have opened their iPhones using a security hole in the system and then installing unverified software without a second thought to what they are doing.”
F-Secure warns, “This time it was an 11-year-old kid playing with XML files who created the trojan. Next time it might be someone else with more skills and with specific target.”
Full article here.
[Thanks to MacDailyNews Reader “Too Hot!” for the heads up.]
MacDailyNews Take: This does not affect locked iPhones running Web apps as intended by Apple. As we always advise Mac users: Do not install anything from an unknown and/or untrusted source. iPhone is not currently set-up by Apple to have unauthorized applications installed and run, so be extra careful if you have jailbroken your iPhone or wait for Apple’s official SDK (February) and the attendant iPhone firmware update before installing third-party iPhone applications.