The report details the timeline of the evolution of the malware, during in November 2009, from prank code through to malicious malware dubbed iKee.B. The final version includes command and control (C&C) logic to place infected iPhones under the control of a bot master, as well as integrating a banking attack.

“The iKee.B botnet has a very simple yet flexible code base, which given its target platform makes tremendous sense. While its code base is small, all the key functionality that we have grown to expect of PC botnets is also present in iKee.B: it can self-propagate, it carries a malicious payload (data exfiltration), and it periodically probes its C&C for new control instructions. As with all Internet-based botnets, iKee.B clients take full advantage of the Internet to find new victims, coordinate with their C&C, fetch new program logic, and to exfiltrate whatever content they find within their hosts”, said the report.

The report notes that while the scope of this particular malware is limited to around 10 per cent of iPhone users – ie: those that jailbreak them – the potential threat is much more grave. “A victim holding an iPhone in Australia, can be hacked from another iPhone located in Hungary, and forced to exfiltrate its user's private data to a Lithuania C&C server, which may then upload new instructions to steal financial data from the Australian user's online bank account. While it is unclear just how well prepared smartphone users are, it is clear that malware developers are preparing for this new reality right now.”

Mikko Hypponen, chief research officer F-Secure a long-term advocate of the dangers of mobile malware, welcomed the detailed report, saying he was “glad we were able to provide technical details.”

The report was published by SRI International, an independent nonprofit research institute.

-- Does the rise of the smartphone create potential security issues in your enterprise? Share your top concerns with the SecurityVibes community !

Read the full SRI report on the iPhone botnet