iPodNN news
Text Size

First iPhone worm targets Australians

updated 09:55 am EST, Mon November 9, 2009

Only affects jailbroken devices

The first known iPhone worm has been observed in the wild, reports say. Called Ikee, the worm is considered relatively inoffensive, as it does not steal information or sabotage hardware or software. Instead the package merely changes a phone's wallpaper to a photo of singer Rick Astley before seeking out more points to infect.

The impact of the worm has also been limited to Australia so far, specifically jailbroken phones in the region running SSH while also using an iPhone's default root password. The conditions are similar to those which allowed a Dutch extortion scheme earlier this month; Ikee's author has come forward however, revealing himself as Ashley Towns, an unemployed programmer from Wollogong. "It was supposed to be a small prank I definitely wasn't expecting it to get as far as it did," he comments.

The aim was allegedly to persuade jailbreakers to change their root passwords, thereby making real threats much harder to execute. "A lot of people especially at first thanked me," says Towns. "I think most people are relieved its not out to destroy their phone. I have had a few people abuse me though." The code for the worm has already been published online, which may make it easier to counter.

Apple may use such incidents to support its position on jailbreaking, which it insists is not only a threat to a security but illegal under the DMCA. Critics charge that the locks on iPhone firmware are mainly designed to funnel users to the iTunes Store, where Apple receives royalties for music, movies and applications. Unofficial software markets nevertheless exist for jailbroken iPhones.

By MacNN Staff

Article Tags :

E-Mail
Print
Comments (14)
digg
buzz up
slashdot
del.icio.us
tweet

Related Articles

Recent Articles

 
Previous Comments

aieeeeee!!!

11/09, 10:09am reply

Avert your eyes! It's Rick Astley!

climacs

Fresh-Faced Recruit

Joined: Sep 2001

+2

Just sell legally unlocked phones.

11/09, 10:14am (2 replies) reply

If Apple just sold legally unlocked phones like it does in Hong Kong, than this wouldn't be a problem. The problem is there are no options, I'm sure there are people who would gladly shell out the $650 to buy a legally unlocked phone so that they don't have to deal with jailbreaking.

bleee

Mac Enthusiast

Joined: Mar 2002

+1

hmmm...

11/09, 10:38am reply

I'm sure you get more page hits this way, but isn't it a bit misleading to *not* mention that this worm is only a threat to jail-broken phones in either the headline or the lead copy? You're just panicking people and revving things up when you make them click on your story only to find out it's not really an iPhone worm at all but a worm specifically for illegally hacked iPhones. Don't be part of the problem, try reporting things as they actually *are* and suffering a few less (panicky) page hits.

Gazoobee

Fresh-Faced Recruit

Joined: Feb 2009

+7

@blee

11/09, 10:44am (2 replies) reply

It's not about unlocking. Plenty of people unlock their iPhone without installing openSSH.

Besides, OpenSSH contains explicit info to change root password.

So this is a problem ONLY for the noobs that can't follow simple directions.

dliup

Fresh-Faced Recruit

Joined: Jan 2006

+5

Not a Worm!

11/09, 11:31am (1 reply) reply

Simply logging in with a known password can hardly be called a 'worm'.. well, sure it tries to move on, but nothing has been hacked!
It simply logs in, sets a desktop picture and moves on..

Marook

Forum Regular

Joined: May 1999

-6

A small prank?

11/09, 02:24pm reply

A small prank does not start scanning IPs to infect more devices. If he thought it wouldn't get far based on such an effort, he is either a fool or realizing how big of a deal he got himself into

mr100percent

Fresh-Faced Recruit

Joined: Dec 1999

+2

Re: Not a worm

11/09, 06:06pm reply

Wait, it connects to the phone, does it's thing, then tries to replicate elsewhere. If that isn't a worm, what is?

And how does one go from "sets a desktop picture" to "nothing has been hacked". Um, the desktop picture has been hacked.

testudo

Fresh-Faced Recruit

Joined: Aug 2001

+2

Vulnerability = OpenSSH + Default Root Password

11/09, 08:09pm reply

In order to be vulnerable, ALL of the following conditions need to be met:
1) iPhone must be jailbroken,
2) User must install OpenSSH from the Cydia (or other installer app) repository, and
3) User must ignore the warning dialog they were presented when installing OpenSSH, instructing them to change the default root password.

Most users who jailbreak do not install OpenSSH, and so are not vulnerable to this "exploit".

WiseWeasel

Fresh-Faced Recruit

Joined: Apr 1999

+5

Popular News