I read just read a few articles talking about a new worm that’s infected a reported 3 Jailbroken iPhones with SSH by taking advantage of the fact that many jailbroken iPhone users don’t change the default root password. It uses the default password to gain administrative access and then changes the password so you can’t go back and fix it without resting the firmware of you phone. It then configures the phone to boot up the worm upon turning it on, and then uploads all the data on the phone to a Lithuanian servers and assigns an ID to it, so the bot master knows which phone is which. So far, it’s only been reported by users of Optus, UPC, and T-Mobile. http://www.iphonehacks.com/2009/11/new-malicious-worm-attacks-jailbroken-iphones-using-known-vulnerability.html

Anyways, after summarizing all that, my question is: What the hell would a hacker gain from this?

1. I can understand that maybe some people would use their credit card online from their phone, but the data would only be stored in internet files, so why upload all the data? Do they expect people to save their card numbers in notepad files on their phone? And isn’t it far more likely that most people don’t their credit cards from their phone?
2. Do they wanna jack your music or your videos or Apps or something like that? What the hell is the point? FrostWire is there for free music and videos, and you can’t use any official Apps without the Authorization from the iTunes account.
3. Do they want to know all your contacts? Do they plan on calling up your friends for a casual chat?

I don’t get it. What even remotely valuable thing is worth the time of making a worm and trying to spread it to siphon phone data for stuff thats freely(illegally) available to pretty much anyone with a computer and access to Google.