Dutch Attacker Hijacked iPhones, Demanded Ransom
A Dutch teenager has backed away from an extortion scheme targeting Apple iPhone users.
The scheme was uncovered Nov. 2 when reports surfaced that an attacker was compromising iPhones and holding them for ransom. After using port scanning and OS fingerprinting to find iPhones in T-Mobile's 3G IP range, the attacker took advantage of the default root passwords of iPhones jail-broken through OpenSSH.
According to reports, the owners of the phones received a message on their screens that the attacker had control of their devices. To get it back, they were told to visit a Website, where they were told to send about $5 in euros to a PayPal account in exchange for instructions on how to remedy the situation.
The message on the Website reportedly read as follows:
"Your iPhone is not secure. That's the reason your visiting this page, isn't it? Well you can pay me $4,95 at my paypal account PureInfinity92@mailinator.com, and I'll mail you very easy instructions on how to secure your iPhone. You can also contact me at
If you don't pay, it's fine by me. But remember, the way I got access to your iPhone can be used by thousands of others. And they can send text messages from your number (like I did..), use it to call (or record your calls), and actually whatever they want, even use it for their hacking activities!'
I can assure you, I have no intention of harming you or whatever, but, some hackers do! It's just my advise to secure your phone."
In a twist of fate for victims, the attacker for what ever reason changed his or her tune and posted instructions for changing the phone's SSH password. Users who changed the default password were not subject to the attack.