toggle

First iPhone worm targets Australians

updated 09:55 am EST, Mon November 9, 2009

Only affects jailbroken devices


The first known iPhone worm has been observed in the wild, reports say. Called Ikee, the worm is considered relatively inoffensive, as it does not steal information or sabotage hardware or software. Instead the package merely changes a phone's wallpaper to a photo of singer Rick Astley before seeking out more points to infect.

The impact of the worm has also been limited to Australia so far, specifically jailbroken phones in the region running SSH while also using an iPhone's default root password. The conditions are similar to those which allowed a Dutch extortion scheme earlier this month; Ikee's author has come forward however, revealing himself as Ashley Towns, an unemployed programmer from Wollogong. "It was supposed to be a small prank I definitely wasn't expecting it to get as far as it did," he comments.

The aim was allegedly to persuade jailbreakers to change their root passwords, thereby making real threats much harder to execute. "A lot of people especially at first thanked me," says Towns. "I think most people are relieved its not out to destroy their phone. I have had a few people abuse me though." The code for the worm has already been published online, which may make it easier to counter.

Apple may use such incidents to support its position on jailbreaking, which it insists is not only a threat to a security but illegal under the DMCA. Critics charge that the locks on iPhone firmware are mainly designed to funnel users to the iTunes Store, where Apple receives royalties for music, movies and applications. Unofficial software markets nevertheless exist for jailbroken iPhones.


by MacNN Staff

print
email
(14)

TAGS : 

iPod, iPhone, iPod touch, security, hacks, Australia

Related Articles

Recent Articles


toggle

Comments

  1. climacs

    Fresh-Faced Recruit

    Joined: Sep 2001

    +2
    11/09, 10:09am | report spam | Reply |

    aieeeeee!!!

    Avert your eyes! It's Rick Astley!

  1. bleee

    Mac Enthusiast

    Joined: Mar 2002

    +1
    11/09, 10:14am | report spam | (2 replies) Reply |

    Just sell legally unlocked phones.

    If Apple just sold legally unlocked phones like it does in Hong Kong, than this wouldn't be a problem. The problem is there are no options, I'm sure there are people who would gladly shell out the $650 to buy a legally unlocked phone so that they don't have to deal with jailbreaking.

  1. Gazoobee

    Fresh-Faced Recruit

    Joined: Feb 2009

    +7
    11/09, 10:38am | report spam | Reply |

    hmmm...

    I'm sure you get more page hits this way, but isn't it a bit misleading to *not* mention that this worm is only a threat to jail-broken phones in either the headline or the lead copy? You're just panicking people and revving things up when you make them click on your story only to find out it's not really an iPhone worm at all but a worm specifically for illegally hacked iPhones. Don't be part of the problem, try reporting things as they actually *are* and suffering a few less (panicky) page hits.

  1. dliup

    Fresh-Faced Recruit

    Joined: Jan 2006

    +5
    11/09, 10:44am | report spam | (2 replies) Reply |

    @blee

    It's not about unlocking. Plenty of people unlock their iPhone without installing openSSH.

    Besides, OpenSSH contains explicit info to change root password.

    So this is a problem ONLY for the noobs that can't follow simple directions.

  1. Marook

    Forum Regular

    Joined: May 1999

    -6
    11/09, 11:31am | report spam | (1 reply) Reply |

    Not a Worm!

    Simply logging in with a known password can hardly be called a 'worm'.. well, sure it tries to move on, but nothing has been hacked!
    It simply logs in, sets a desktop picture and moves on..

  1. mr100percent

    Junior Member

    Joined: Dec 1999

    +2
    11/09, 02:24pm | report spam | Reply |

    A small prank?

    A small prank does not start scanning IPs to infect more devices. If he thought it wouldn't get far based on such an effort, he is either a fool or realizing how big of a deal he got himself into

  1. testudo

    Fresh-Faced Recruit

    Joined: Aug 2001

    +2
    11/09, 06:06pm | report spam | Reply |

    Re: Not a worm

    Wait, it connects to the phone, does it's thing, then tries to replicate elsewhere. If that isn't a worm, what is?

    And how does one go from "sets a desktop picture" to "nothing has been hacked". Um, the desktop picture has been hacked.

  1. WiseWeasel

    Fresh-Faced Recruit

    Joined: Apr 1999

    +5
    11/09, 08:09pm | report spam | Reply |

    Vulnerability = OpenSSH + Default Root Password

    In order to be vulnerable, ALL of the following conditions need to be met:
    1) iPhone must be jailbroken,
    2) User must install OpenSSH from the Cydia (or other installer app) repository, and
    3) User must ignore the warning dialog they were presented when installing OpenSSH, instructing them to change the default root password.

    Most users who jailbreak do not install OpenSSH, and so are not vulnerable to this "exploit".

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

10 Most Read

Recent Reviews

Logitech Cube

The world of mice could often be described charitably as stagnant: it's an endless sea of ergonomic shapes that assume you're sitting ...

NewerTech and Targus USB Hubs For Gifts

A useful holiday present to resolve an ongoing frustration is a multi-port hub. Whether as a stocking stuffer, Chanukah present, or an ...

X-Rite ColorMunki Photo

Color calibration is the art of tweaking your monitor so that the colors represented on screen better match real life and your printer ...

toggle

Most Commented

10 Most Discussed

 
toggle

Popular News