iPhone worm Rickrolls Australia

Nov 10, 2009 by Lin Edwards weblog
Apple iPhone 3G

(PhysOrg.com) -- iPhone users in Australia have been hit during the last few days with a worm called "ikee". The worm replaces the default wallpaper with a difficult to remove picture of British singer Rick Astley and a message "ikee is never going to give you up," a reference to Astley's 1980s hit song.

The worm is the first detected that specifically targets the . The worm only affects users who have "jailbroken" their phones to allow them to run authorized software. It appears to spread by searching an affected phone's contact list for other jailbroken phones. Users must have installed the utility SSH (secure shell) and retained the default root password: alpine. SSH allows people to connect to an iPhone via the Internet.

Spokesman for firm Sophos, Graham Cluley, said the worm does not appear to have spread outside Australia. It does little more than irritate affected users, but it does highlight the vulnerability of jailbroken phones, and there is a danger the code could be turned into a more malicious attack.

The worm was written as a practical joke by Ashley Towns, a 21-year-old unemployed programmer from Wollongong in New South Wales. He wanted to make the point that users ought to change their password, especially if they are using SSH. Towns said he was surprised the worm had gone as far as it had, and he had not considered any possible ramifications of the prank.

The worm is a variation on a well-known prank called Rickrolling, in which victims are tricked into inadvertently playing a video of the song "Never Gonna Give You Up" or seeing a picture of Rick Astley.

In another attack on the iPhone, a Dutch hacker used port scanning to identify jailbroken phones running SSH with the default password. The hacker replaced the wallpaper with what looks like an SMS alert that demands money in return for instructions on how to secure the iPhone.

The two attacks should serve as a warning for users who jailbreak their iPhones that it makes them vulnerable to attack.

© 2009 PhysOrg.com

Explore further: Tomorrow's tablets? Look, no hands

add to favorites email to friend print save as pdf

Related Stories

The malware attack against mobile phones is mounting

Dec 23, 2004

The security challenges in the mobile environment are similar to the problems we have encountered in the PC world. Open platforms are becoming popular in smartphones, for example the Symbian operating system is used in more ...

Help! How to avoid fast-moving computer worm

Jan 28, 2009

Since early January, a worm that has been referred to by several names, including "Downadup," "Kido" and "Conficker," has been infecting millions of computers around the world. The worm exploits a previously discovered vulnerability ...

Downadup Worm Hits Over 3.5 Million Computers

Jan 16, 2009

(PhysOrg.com) -- Security firm F-Secure has advised that the Downadup worm has spread to more than 3.5 million computers by exploiting a vulnerability Microsoft patched last October. This is achieved by trying ...

Recommended for you

Tomorrow's tablets? Look, no hands

3 hours ago

Engineers in a suburban Chicago office complex have designed a new microphone that they say will be key to the future of smartphone and tablet technology because it gives consumers the ability to operate hand-held devices ...

Apple computer sells for record $905K in NY

Oct 23, 2014

One of the first Apple computers ever built has sold in New York for $905,000, leading Bonhams auction house to declare it the world's most expensive computer relic.

Review: Better cameras, less glare in iPad Air 2

Oct 22, 2014

If I've seen you taking photos with a tablet computer, I've probably made fun of you (though maybe not to your face, depending on how big you are). I'm old school: I much prefer looking through the viewfinder ...

Samsung phones cleared for US government use

Oct 21, 2014

Samsung Electronics Co. said Tuesday some of its Galaxy mobile devices were approved by the National Security Agency for use with classified U.S. government networks and data, a boost to the company's efforts to expand in ...

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

Bob_Kob
Nov 10, 2009
This comment has been removed by a moderator.
moj85
1.7 / 5 (3) Nov 10, 2009
But I thought things made by apple were completely and utterly unable to get viruses?!

Oh wait, false advertising.
mjporter
3 / 5 (1) Nov 10, 2009
From what I understand it got in via people who hadn't changed the password on their SSH software from the default. I'm sure any "guarantee" that you won't get a virus doesn't cover your own stupidity using 3rd party software... ;)
RayCherry
not rated yet Nov 25, 2009
Moj85 & Porter, you both make good points. Mac's have been very resistent in the past, even if they were supported by university developed anti-virus software. However, Apple has permitted the reoccurance of a problem they have faced before - third party software being careless about network security. In 1990, Adobe Illustrator (if memory serves) came with a surprise bonus for the Mac. A virus that was supplied by the Apple supply chain direct to users. Today, Apple is heralding the success of the AppStore, but who is really "minding the shop"?

Apple is not alone, and soon other big names will be able to repeat some of the industry's greatest mistakes by providing inadequately tested software to mainstream supply chains - much to the delight of virus writers globally.

Time to take a step back, 'hold the phone', and ask how can we prevent personal disasters for the users, and economic repercussions during this particularly vulnerable period.