Rick Astley worm infects iPhones
By Stuart Turton
Posted on 9 Nov 2009 at 08:24
The first worm targeting Apple's iPhone has made an appearance in the wild.
The worm, dubbed Ikee, changes the victim's wallpaper to a picture of Rick Astley sporting the message "ikee is never going to give you up". Once done, it seeks out other vulnerable phones on the network to infect.
Ikee only works on jailbroken iPhones with the secure shell utility installed (SSH). Even then, the worm preys on the fact that SSH's default password is alpine, meaning that anybody who's changed their password, or not jailbroken their iphone, will be safe.
It appears, however, that the worm is intended to serve as a wakeup call, with the underlying code containing a message barracking people for not changing their root password.
Jon Honeyball Comment
Find out why Jon Honeyball believes infected iPhone owners had it coming"People are stupid, and this is to prove it. It's not that hard guys, but hey, who cares, it's only your bank details at stake," writes the hacker identified as ikex.
However, while the worm may not be malicious, experts have warned that it's far from harmless. "Other inquisitive hackers may be tempted to experiment once they read about the world's first iPhone worm," says Sophos's senior technology consultant Graham Cluley.
"Furthermore, a more malicious hacker could take the code written by ikee and adapt it to have a more sinister payload."
So far, the worm has only troubled Australian iPhones, though Cluley says he expects it to spread.
From around the web
Simple solution is to either not install OpenSSH which is what I chose or to turn it off when not using it. DiskAid will let you browse the iPhone system over USB.
By james016 on 9 Nov 2009 
IphoneBrowser will also let you browse and change files on your iPhone, and unlike DiskAid it's free.
By Noghar on 9 Nov 2009
Hm.
Wonder whether Apple will use this as another excuse to bash Jailbreaking:
"And remember kids only bad criminals jailbreak their iPhones and they are exploited by even BADDER criminals who use nasty viruses to read your mind and steal your internets"
Instead of opening up their API just a little bit wider to enable more freedom and customisation of the iPhone which would eliminate the need to jaibreak for about 95% of those who do it or are considering doing it leaving the 5% who are the kind of people who would attempt to put Linux on a Unitrex UC-75 just to say that they'd done it (and don't get me wrong that's a 5% that I have much respect for but most of us just want an iPhone that does the stuff you'd expect).
By SpiroExDeus on 10 Nov 2009
advertisement
- How to install Internet Explorer 9
- Maintaining and supporting IE9
- Plan your deployment
- Creating a custom browser package
- Search in corporate environments
- Dear Sony, Samsung and every other tech company in the world: stop trying to be Apple
- Will Apple's Final Cut Pro X update placate the pros?
- Smartr Contacts for iPhone review
- Switching to Office 365's Outlook Web App
- Amazon Kindle Fire review: first look
- Lytro light-field camera: first look
- CES: Why booth babes are bad marketing
- Ice Cream Sandwich on the Transformer Prime review: first look
- Samsung Galaxy Tab 7.7: first-look review of the best tablet at CES
- 3D printing: undeniably cool, but lacks a killer app
- The curse of sloppily written software
- Paying for your crimes with Bitcoin
- Behind the scenes: tech support for Formula 1
- The security risk of fat fingers
- Why Windows Phone 7 isn't quite ready for business
- When will Microsoft stop fiddling with Windows 8?
- Flash down the pan?
- Metro Style apps vs desktop applications
- Coping with Facebook changes
- The power of PPC
advertisement
Printed from www.pcpro.co.uk