What appeared to be a legitimate iPhone application, “iPhone firmware 1.1.3 prep,” turned out to be a piece of malicious software intended to ruin functionality on affected phones.
The programmer of this dangerous piece of code was an eleven-year-old boy.
Using the installer.app feature on the iPhone, users can access the diverse world of third-party applications. The malware in question passed itself off an update at www.jmwiki.com for applications including Erica’s Utilities, OpenSSH, Launcher and Doom. After downloading and installing the file via the iPhone’s installer.app, the malware displayed the word, “shoes” and proceeded to remove files critical to iPhone functionality.
Though by malware standards the virus was fairly tame, McAfee Avert Labs blogger Jimmy Shah noted that the piece of software highlights an important security concern with iPhone, one that depends entirely on the vigilance of well-informed users.
McAfee recommends users only acquire software only from trusted sources and install only official firmware updates.
After the child’s ISP was informed of the problem, his father was contacted and the site hosting the malicious application was taken down.