The hacker program, which Intego identifies as iPhone/Privacy.A, attacks jailbroken iPhones, which are devices that have been modified to allow the installation of software independently of Apple's iTunes App Store.
The hacker software, which resides on a Mac, PC, or Linux machine, can be used to scan all of the data residing on an iPhone device. Data that can be copied from the iPhone, includes email, contacts, text messages, calendars, photos, and music files. And significantly, data stored by any iPhone application may also be snooped.
"This hacker tool could easily be installed, for example, on a computer on display in a retail store, which could then scan all iPhones that pass within the reach of its network", said Intego. "Or, a hacker could sit in an internet café and let his computer scan all iPhones that come within the range of the WiFi network in search of data. Hackers could even install this tool on their own iPhones, and use it to scan for jailbroken phones as they go about their daily business."
The hacker tool can only be deployed to steal data from iPhones that have been jailbroken, although this still represents a significant portion of the iPhone user base. Intego believes that up to eight percent of iPhones may have been jailbroken in an attempt to give their users access to more functionality.
This has been a controversial month for iPhone security. Earlier in November, one of the first documented iPhone worms appeared, again targeting iPhones whose functionality have been unlocked using unauthorized means. It did little more than change the wallpaper on infected phones, and was designed as a proof of concept worm. However, the potential for more malicious attacks has clearly already been realized.