iPhone worm Rickrolls Australia

November 10, 2009 by Lin Edwards weblog
Apple iPhone 3G

(PhysOrg.com) -- iPhone users in Australia have been hit during the last few days with a worm called "ikee". The worm replaces the default wallpaper with a difficult to remove picture of British singer Rick Astley and a message "ikee is never going to give you up," a reference to Astley's 1980s hit song.

The worm is the first detected that specifically targets the . The worm only affects users who have "jailbroken" their phones to allow them to run authorized software. It appears to spread by searching an affected phone's contact list for other jailbroken phones. Users must have installed the utility SSH (secure shell) and retained the default root password: alpine. SSH allows people to connect to an iPhone via the Internet.

Spokesman for firm Sophos, Graham Cluley, said the worm does not appear to have spread outside Australia. It does little more than irritate affected users, but it does highlight the vulnerability of jailbroken phones, and there is a danger the code could be turned into a more malicious attack.

The worm was written as a practical joke by Ashley Towns, a 21-year-old unemployed programmer from Wollongong in New South Wales. He wanted to make the point that users ought to change their password, especially if they are using SSH. Towns said he was surprised the worm had gone as far as it had, and he had not considered any possible ramifications of the prank.

The worm is a variation on a well-known prank called Rickrolling, in which victims are tricked into inadvertently playing a video of the song "Never Gonna Give You Up" or seeing a picture of Rick Astley.

In another attack on the iPhone, a Dutch hacker used port scanning to identify jailbroken phones running SSH with the default password. The hacker replaced the wallpaper with what looks like an SMS alert that demands money in return for instructions on how to secure the iPhone.

The two attacks should serve as a warning for users who jailbreak their iPhones that it makes them vulnerable to attack.

© 2009 PhysOrg.com

Explore further: The malware attack against mobile phones is mounting

Related Stories

The malware attack against mobile phones is mounting

December 23, 2004

The security challenges in the mobile environment are similar to the problems we have encountered in the PC world. Open platforms are becoming popular in smartphones, for example the Symbian operating system is used in more ...

Downadup Worm Hits Over 3.5 Million Computers

January 16, 2009

(PhysOrg.com) -- Security firm F-Secure has advised that the Downadup worm has spread to more than 3.5 million computers by exploiting a vulnerability Microsoft patched last October. This is achieved by trying to connect ...

Help! How to avoid fast-moving computer worm

January 28, 2009

Since early January, a worm that has been referred to by several names, including "Downadup," "Kido" and "Conficker," has been infecting millions of computers around the world. The worm exploits a previously discovered vulnerability ...

Recommended for you

Internet giants race to faster mobile news apps

October 4, 2015

US tech giants are turning to the news in their competition for mobile users, developing new, faster ways to deliver content, but the benefits for struggling media outlets remain unclear.

Radio frequency 'harvesting' tech unveiled in UK

September 30, 2015

An energy harvesting technology that its developers say will be able to turn ambient radio frequency waves into usable electricity to charge low power devices was unveiled in London on Wednesday.

Professors say US has fallen behind on offshore wind power

September 29, 2015

University of Delaware faculty from the College of Earth, Ocean, and Environment (CEOE), the College of Engineering and the Alfred Lerner School of Business and Economics say that the U.S. has fallen behind in offshore wind ...


Adjust slider to filter visible comments by rank

Display comments: newest first

Nov 10, 2009
This comment has been removed by a moderator.
1.7 / 5 (3) Nov 10, 2009
But I thought things made by apple were completely and utterly unable to get viruses?!

Oh wait, false advertising.
3 / 5 (1) Nov 10, 2009
From what I understand it got in via people who hadn't changed the password on their SSH software from the default. I'm sure any "guarantee" that you won't get a virus doesn't cover your own stupidity using 3rd party software... ;)
not rated yet Nov 25, 2009
Moj85 & Porter, you both make good points. Mac's have been very resistent in the past, even if they were supported by university developed anti-virus software. However, Apple has permitted the reoccurance of a problem they have faced before - third party software being careless about network security. In 1990, Adobe Illustrator (if memory serves) came with a surprise bonus for the Mac. A virus that was supplied by the Apple supply chain direct to users. Today, Apple is heralding the success of the AppStore, but who is really "minding the shop"?

Apple is not alone, and soon other big names will be able to repeat some of the industry's greatest mistakes by providing inadequately tested software to mainstream supply chains - much to the delight of virus writers globally.

Time to take a step back, 'hold the phone', and ask how can we prevent personal disasters for the users, and economic repercussions during this particularly vulnerable period.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.