A Proof-of-Concept Virus for iPods Running Linux

An anonymous reader writes "Although antivirus companies will probably create a hype saying that iPods are prone to infections, a virus called 'Podloso' is a newly found virus that is just a proof of concept code that can infect iPods running Linux. Once launched, the virus scans the device's hard disk and infects all executable .elf format files. Any attempt to launch these files will cause the virus to display a message on the screen which says, 'You are infected with Oslo the first iPodLinux Virus.'"

...another "social engineering" virus

[hcmtnbiker]

FTA: Podloso cannot be launched automatically without user involvement.

I always find it amusing when a virus that requires the user to activate it is considered news. By definition it's more social engineering then a vulnerability. If people weren't so stupid I assume nearly 100% of all computer virus' wouldn't exist, or wouldn't be a problem.

Thank Goodness

[Spackler]

"You are infected with Oslo the first iPodLinux Virus."

I would like to thank the developers of this virus. For too long, I have been enjoying hacking my iPod. It is good that someone is out there attempting to stop that by ruining my property.

Really, now on to the real discussion. Can someone explain the motivation? I actually do not understand why someone would waste their time to write a virus. The only type I do understand is the bot net stuff, and that is motivated by money. Heck, if I can take over 5000 computers and sell the work they can do in mass spam or something, at least the writer is attempting to make money. Why write something like this though? If they spent the same time writing real code, they would make money. If they did it for a different organization, they could help the Red Cross with their IT stuff, or a hospital. Why the fsck do this crap?

Malcontent? Antisocial? What the heck drives these people?

Re:Thank Goodness

[someone1234]

Creating pseudo-life? Hell, 20 years ago i was very happy when my exe header virus first infected one of my files :) It was definitely more satisfying than hacking away on some j2ee shit.

Re:Depends on antivirus company

[necro81]

There can be more information to steal on an iPod than just multimedia. iPods have, for quite a while, been able to store contacts, notes, and calendars, typical PIM stuff. There might be something of value in those. On the other hand, if one were to craft a virus for the new iPhone, there definitely could be some malicious value in that, because it stores more information, accesses email and the internet, and is continuously connected to the outside world. On the other hand, the iPhone is a totally different beast than the iPod (and Linux-on-iPod), and will undoubtedly be a much tougher nut to crack.

Re:...another "social engineering" virus

[sootman]

But it shouldn't be news. Anything that can run code, can run malicious code. It's only worth mentioning if there's a chance that a user will a) obtain and b) run the code without knowing it's malicious. If the virus were hidden in a song and could be executed just by being played, that would be news.

Oh, and look: it was discovered by a company that makes antivirus software. [kaspersky.com] Wow, what are the odds that an antivirus company would be the first to discover and publicize a virus that runs on what might be called the least-adopted platform ever in history? I'd bet my next paycheck that somewhere there's a connection between an employee of that company and the author of this "virus"--and not just a six-degrees kind of link, I mean a real, substantial link.

Antivirus exec: "Well, in six years, we haven't been able to convince anyone that OS X is insecure. Despite our efforts, there hasn't been a single in-the-wild, self-replicating virus for that platform. What should we try next?"
Underling: "Maybe try spreading FUD about iPods?"
Antivirus exec: "Brilliant!"