BOSTON — Hackers have built a virus that attacks Apple Inc's iPhone by secretly taking control of the devices via their Internet connections, security experts said.
The virus has been detected in the Netherlands and can only attack iPhones whose users have disabled some pre-installed security features, according to analysts monitoring the progress of the virus, known as the Duh Worm.
The hackers are trying to use the virus to obtain passwords to banking sites in the Netherlands, according to Graham Cluley, a researcher with anti-virus software maker Sophos. When an iPhone user tries to access a bank website, the Duh Worm directs the browser to a look-a-like site controlled by the hackers, Cluley said.
The phones that are vulnerable are "jail broken" phones, where users disable key Apple security features to get around the terms of usage agreement that they are designed to enforce.
For example, Apple prevents users from switching service providers to unauthorized carriers and limits users to the approximately 100,000 programs that the company has vetted for installation on the device. There are thousands of unauthorized programs covering areas including Internet phone calls, WiFi access and pornography.
"The vast majority of customers do not jailbreak their iPhones, and for good reason. These hacks not only violate the warranty, they will also cause the iPhone to become unstable and not work reliably," said Apple spokeswoman Natalie Harrison.
Three independent security experts said that it is best for iPhone users not to jail break their devices because the security risks are greater than the benefits.
"They're leaving their back door open. Every one else knows what the key is to open that door," Cluley said.
The case, which was widely reported by security experts Monday, is the first in which iPhones have been recruited into a "botnet," or army of infected devices that hackers can control from a central "command and control center."
Early this year an unknown criminal gang built a botnet with millions of PCs using a worm known as Conficker. Security researchers feared that it might wreak havoc on April 1 based on code in the worm's software, but that date passed with little fanfare.
Since then, security researchers say that a limited number of Conficker-infected PCs have been used to spread spam, sell fake anti-virus software and perpetrate identity theft.
Mikko Hypponen, an expert on Conficker and chief research officer for security software maker F-Secure, said that Duh could spread from the Netherlands to other countries.
Like the authors of Conficker, the hackers who wrote Duh are motivated to spread the worm because they too are looking for a payoff from their work, he said.
"It's clearly written to make money. That's a first on the mobile side," Hypponen said.
To be sure, iPhones that have not been jail broken face their own security challenges. Yet so far Apple has been able to stay ahead of the hackers.
In July the company issued a software patch to fix a critical bug uncovered by two researchers that made the device susceptible to secret attacks using the SMS system, which mobile devices use to send text messages.
Apple shares were up 2.4 percent at $204.80 in afternoon trading on the Nasdaq.