Security researches at Arbor Networks are predicting that the iPhone will be subject to a serious attack in 2008. The attacks will likely take the form of malware embedded in photos or video. In the past the iPhone has been vulnerable to such attacks through a bug in its handling of TIFF images. A recent update has solved the problem. Former versions of Apple’s firmware used a version of the libtiff library that was susceptible to buffer-overflow attacks.
HD Moore, a security researcher and hacker, revealed in October that the TIFF exploit would allow malicious hackers access the phone’s root level. All the iPhone’s key applications run as root processes and by exploiting the TIFF bug a hacker can take control of the phone.
Arbor Networks thinks that the challenge to be the first to hack the iPhone and take control of the phone is an enticement for hackers too big to pass up.
“2007 was the year of the browser exploit, the data breach, spyware, and the storm worm,” the Arbor report said. “We expect 2008 to be the year of the iPhone attack, the Chinese Hacker, P2P network spammers, and the hijacking of the Storm botnet.”
The prediction is hardly a risky one, said Andrew Storms, director of security operations for nCircle Security. “Predicting a higher rate of attacks on the iPhone is like saying there will be more people trying to hack Leopard in 2008,” he wrote in an e-mail.
“This is an obvious direction for the hacking community,” he added. “Those who hack for good or bad are always interested in the newest target and even better is a new target with a large install base.”
Things will change in 2008, Storms said, with Apple’s release of a software development kit for the iPhone. “Once the SDK releases, everyday users will be installing third-party applications without having to risk an iBrick,” he said, referring to the fact that uses who installed unlocking software found their phones were inoperative after an Apple firmware upgrade.
“The tools and methods which Apple integrates into the iPhone to protect users from malware developed with the SDK is what will be getting significant attention in 2008,” he said, predicting that AT&T and all Wi-Fi networks in range of the iPhone will be the next target.
“Imagine a successful mobile worm that distributes itself over both cellular and Wi-Fi,” he concluded. “That’s a day that security professionals have been worrying about for years.”