iSAM: An iPhone Stealth Airborne Malware

  • Dimitrios Damopoulos
  • Georgios Kambourakis
  • Stefanos Gritzalis
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 354)


Modern and powerful mobile devices comprise an attractive target for any potential intruder or malicious code. The usual goal of an attack is to acquire user’s sensitive data or compromise the device so as to use it as a stepping stone (or bot) to unleash a number of attacks to other targets. In this paper, we focus on the popular iPhone device. We create a new stealth and airborne malware namely iSAM able to wirelessly infect and self-propagate to iPhone devices. iSAM incorporates six different malware mechanisms, and is able to connect back to the iSAM bot master server to update its programming logic or to obey commands and unleash a synchronized attack. Our analysis unveils the internal mechanics of iSAM and discusses the way all iSAM components contribute towards achieving its goals. Although iSAM has been specifically designed for iPhone it can be easily modified to attack any iOS-based device.


Malware iPhone iOS Jailbreak Stealth Airborne Rootkit 


  1. 1.
    Liu, L., Yan, G., Zhang, X., Chen, S.: VirusMeter: Preventing your cellphone from spies. In: Balzarotti, D. (ed.) RAID 2009. LNCS, vol. 5758, pp. 244–264. Springer, Heidelberg (2009)Google Scholar
  2. 2.
    Chow, G.W., Jones, A.: A framework for anomaly detection in OKL4-Linux based smartphones. In: Proceedings of the 6th Australian Information Security Management Conference (2008)Google Scholar
  3. 3.
  4. 4.
    Landesman, M.: The world’s largest security analysis of real-world web traffic: annual global threat report, ScanSafe STAT,
  5. 5.
  6. 6.
    Pandya, V.R.: iPhone security analysis. Project Report, Department of Computer Science, San Jose State University (2008)Google Scholar
  7. 7.
    Chavez, A.: A jailbroken iPhone can be a very powerfull weapon in the hands of an attacker. Project Report, Purdue University, Calumet’s CIT Department (2008)Google Scholar
  8. 8.
    Miller, C., Mulliner, C.: Fuzzing the Phone in your Phone. In: BlackHat, USA (2009)Google Scholar
  9. 9.
    An analysis of the Ikee.B (Duh) iPhone botnet,
  10. 10.
  11. 11.
    Seriot, N.: iPhone Privacy. In: Black Hat, USA (2010)Google Scholar
  12. 12.
  13. 13.
  14. 14.
  15. 15.
    The point of jailbreaking,
  16. 16.
    How many ways can you remotely exploit an iPhone?,
  17. 17.
  18. 18.
  19. 19.
  20. 20.
    iTunes U downloads top 300 million,
  21. 21.
  22. 22.
    iSAM: An iPhone Stealth Airborne Malware, Online Material,

Copyright information

© IFIP International Federation for Information Processing 2011

Authors and Affiliations

  • Dimitrios Damopoulos
    • 1
  • Georgios Kambourakis
    • 1
  • Stefanos Gritzalis
    • 1
  1. 1.Info-Sec-Lab Laboratory of Information and Communications Systems SecurityUniversity of the AegeanSamosGreece

Personalised recommendations