Printed from www.pcpro.co.uk
Rick Astley worm infects iPhones
Posted on 9 Nov 2009 at 08:24
The first worm targeting Apple's iPhone has made an appearance in the wild.
The worm, dubbed Ikee, changes the victim's wallpaper to a picture of Rick Astley sporting the message "ikee is never going to give you up". Once done, it seeks out other vulnerable phones on the network to infect.
Ikee only works on jailbroken iPhones with the secure shell utility installed (SSH). Even then, the worm preys on the fact that SSH's default password is alpine, meaning that anybody who's changed their password, or not jailbroken their iphone, will be safe.
It appears, however, that the worm is intended to serve as a wakeup call, with the underlying code containing a message barracking people for not changing their root password.
Jon Honeyball Comment
Find out why Jon Honeyball believes infected iPhone owners had it coming"People are stupid, and this is to prove it. It's not that hard guys, but hey, who cares, it's only your bank details at stake," writes the hacker identified as ikex.
However, while the worm may not be malicious, experts have warned that it's far from harmless. "Other inquisitive hackers may be tempted to experiment once they read about the world's first iPhone worm," says Sophos's senior technology consultant Graham Cluley.
"Furthermore, a more malicious hacker could take the code written by ikee and adapt it to have a more sinister payload."
So far, the worm has only troubled Australian iPhones, though Cluley says he expects it to spread.
Author: Stuart Turton
Simple solution is to either not install OpenSSH which is what I chose or to turn it off when not using it. DiskAid will let you browse the iPhone system over USB.
By james016 on 9 Nov 2009 
IphoneBrowser will also let you browse and change files on your iPhone, and unlike DiskAid it's free.
By Noghar on 9 Nov 2009
Hm.
Wonder whether Apple will use this as another excuse to bash Jailbreaking:
"And remember kids only bad criminals jailbreak their iPhones and they are exploited by even BADDER criminals who use nasty viruses to read your mind and steal your internets"
Instead of opening up their API just a little bit wider to enable more freedom and customisation of the iPhone which would eliminate the need to jaibreak for about 95% of those who do it or are considering doing it leaving the 5% who are the kind of people who would attempt to put Linux on a Unitrex UC-75 just to say that they'd done it (and don't get me wrong that's a 5% that I have much respect for but most of us just want an iPhone that does the stuff you'd expect).
By SpiroExDeus on 10 Nov 2009
advertisement
- 10 ways to boost traffic to a WordPress blog
- Reaction to the Apple iPad: ten days later
- How to switch off Virgin Media's mobile broadband image compression
- Infotec/Ricoh: here not to help
- TomTom 940T vs iPhone TomTom: a real road test
- Nvidia Fermi update: they have names!
- Twitter oven lets you have your cake and tweet it
- Where online businesses go terribly wrong
- Google Nexus One: first look review
- Dreading the move to ADSL
- The hidden treasures of Sysinternals
- Microsoft must stop silently installing browser plugins
- Crack the Microsoft Server 2008 Core with CoreConfig
- Forget Windows: SMBs should try Snow Leopard Server
- Poking into Facebook security
- Has Microsoft shot itself in the foot with Security Essentials?
- Smashing the BlackBerry myths
- Has Microsoft solved our stylesheet woes with Super Preview?
- Automated printing of SQL Server Reports
- Setting up iSCSI on a desktop PC
advertisement
