iPhone worm Rickrolls Australia

November 10, 2009 by Lin Edwards weblog
Apple iPhone 3G

(PhysOrg.com) -- iPhone users in Australia have been hit during the last few days with a worm called "ikee". The worm replaces the default wallpaper with a difficult to remove picture of British singer Rick Astley and a message "ikee is never going to give you up," a reference to Astley's 1980s hit song.

The worm is the first detected that specifically targets the . The worm only affects users who have "jailbroken" their phones to allow them to run authorized software. It appears to spread by searching an affected phone's contact list for other jailbroken phones. Users must have installed the utility SSH (secure shell) and retained the default root password: alpine. SSH allows people to connect to an iPhone via the Internet.

Spokesman for firm Sophos, Graham Cluley, said the worm does not appear to have spread outside Australia. It does little more than irritate affected users, but it does highlight the vulnerability of jailbroken phones, and there is a danger the code could be turned into a more malicious attack.

The worm was written as a practical joke by Ashley Towns, a 21-year-old unemployed programmer from Wollongong in New South Wales. He wanted to make the point that users ought to change their password, especially if they are using SSH. Towns said he was surprised the worm had gone as far as it had, and he had not considered any possible ramifications of the prank.

The worm is a variation on a well-known prank called Rickrolling, in which victims are tricked into inadvertently playing a video of the song "Never Gonna Give You Up" or seeing a picture of Rick Astley.

In another attack on the iPhone, a Dutch hacker used port scanning to identify jailbroken phones running SSH with the default password. The hacker replaced the wallpaper with what looks like an SMS alert that demands money in return for instructions on how to secure the iPhone.

The two attacks should serve as a warning for users who jailbreak their iPhones that it makes them vulnerable to attack.

© 2009 PhysOrg.com

Explore further: The malware attack against mobile phones is mounting

Related Stories

The malware attack against mobile phones is mounting

December 23, 2004

The security challenges in the mobile environment are similar to the problems we have encountered in the PC world. Open platforms are becoming popular in smartphones, for example the Symbian operating system is used in more ...

Downadup Worm Hits Over 3.5 Million Computers

January 16, 2009

(PhysOrg.com) -- Security firm F-Secure has advised that the Downadup worm has spread to more than 3.5 million computers by exploiting a vulnerability Microsoft patched last October. This is achieved by trying to connect ...

Help! How to avoid fast-moving computer worm

January 28, 2009

Since early January, a worm that has been referred to by several names, including "Downadup," "Kido" and "Conficker," has been infecting millions of computers around the world. The worm exploits a previously discovered vulnerability ...

Recommended for you

Inferring urban travel patterns from cellphone data

August 29, 2016

In making decisions about infrastructure development and resource allocation, city planners rely on models of how people move through their cities, on foot, in cars, and on public transportation. Those models are largely ...

How machine learning can help with voice disorders

August 29, 2016

There's no human instinct more basic than speech, and yet, for many people, talking can be taxing. 1 in 14 working-age Americans suffer from voice disorders that are often associated with abnormal vocal behaviors - some of ...

Apple issues update after cyber weapon captured

August 26, 2016

Apple iPhone owners on Friday were urged to install a quickly released security update after a sophisticated attack on an Emirati dissident exposed vulnerabilities targeted by cyber arms dealers.


Adjust slider to filter visible comments by rank

Display comments: newest first

Nov 10, 2009
This comment has been removed by a moderator.
1.7 / 5 (3) Nov 10, 2009
But I thought things made by apple were completely and utterly unable to get viruses?!

Oh wait, false advertising.
3 / 5 (1) Nov 10, 2009
From what I understand it got in via people who hadn't changed the password on their SSH software from the default. I'm sure any "guarantee" that you won't get a virus doesn't cover your own stupidity using 3rd party software... ;)
not rated yet Nov 25, 2009
Moj85 & Porter, you both make good points. Mac's have been very resistent in the past, even if they were supported by university developed anti-virus software. However, Apple has permitted the reoccurance of a problem they have faced before - third party software being careless about network security. In 1990, Adobe Illustrator (if memory serves) came with a surprise bonus for the Mac. A virus that was supplied by the Apple supply chain direct to users. Today, Apple is heralding the success of the AppStore, but who is really "minding the shop"?

Apple is not alone, and soon other big names will be able to repeat some of the industry's greatest mistakes by providing inadequately tested software to mainstream supply chains - much to the delight of virus writers globally.

Time to take a step back, 'hold the phone', and ask how can we prevent personal disasters for the users, and economic repercussions during this particularly vulnerable period.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.