iPhone worm Rickrolls Australia

Nov 10, 2009 by Lin Edwards weblog
Apple iPhone 3G

(PhysOrg.com) -- iPhone users in Australia have been hit during the last few days with a worm called "ikee". The worm replaces the default wallpaper with a difficult to remove picture of British singer Rick Astley and a message "ikee is never going to give you up," a reference to Astley's 1980s hit song.

The worm is the first detected that specifically targets the . The worm only affects users who have "jailbroken" their phones to allow them to run authorized software. It appears to spread by searching an affected phone's contact list for other jailbroken phones. Users must have installed the utility SSH (secure shell) and retained the default root password: alpine. SSH allows people to connect to an iPhone via the Internet.

Spokesman for firm Sophos, Graham Cluley, said the worm does not appear to have spread outside Australia. It does little more than irritate affected users, but it does highlight the vulnerability of jailbroken phones, and there is a danger the code could be turned into a more malicious attack.

The worm was written as a practical joke by Ashley Towns, a 21-year-old unemployed programmer from Wollongong in New South Wales. He wanted to make the point that users ought to change their password, especially if they are using SSH. Towns said he was surprised the worm had gone as far as it had, and he had not considered any possible ramifications of the prank.

The worm is a variation on a well-known prank called Rickrolling, in which victims are tricked into inadvertently playing a video of the song "Never Gonna Give You Up" or seeing a picture of Rick Astley.

In another attack on the iPhone, a Dutch hacker used port scanning to identify jailbroken phones running SSH with the default password. The hacker replaced the wallpaper with what looks like an SMS alert that demands money in return for instructions on how to secure the iPhone.

The two attacks should serve as a warning for users who jailbreak their iPhones that it makes them vulnerable to attack.

© 2009 PhysOrg.com

Explore further: Microsoft unveils Xbox in China as it faces probe

add to favorites email to friend print save as pdf

Related Stories

The malware attack against mobile phones is mounting

Dec 23, 2004

The security challenges in the mobile environment are similar to the problems we have encountered in the PC world. Open platforms are becoming popular in smartphones, for example the Symbian operating system is used in more ...

Help! How to avoid fast-moving computer worm

Jan 28, 2009

Since early January, a worm that has been referred to by several names, including "Downadup," "Kido" and "Conficker," has been infecting millions of computers around the world. The worm exploits a previously discovered vulnerability ...

Downadup Worm Hits Over 3.5 Million Computers

Jan 16, 2009

(PhysOrg.com) -- Security firm F-Secure has advised that the Downadup worm has spread to more than 3.5 million computers by exploiting a vulnerability Microsoft patched last October. This is achieved by trying ...

Recommended for you

Microsoft unveils Xbox in China as it faces probe

14 hours ago

Microsoft on Wednesday unveiled its Xbox game console in China, the first to enter the market after an official ban 14 years ago, even as it faces a Chinese government probe over business practices.

A smart wristband for nocturnal cyclists

Jul 29, 2014

Five EPFL PhD students have developed a wristband that flashes when the rider reaches out to indicate a turn. Their invention was recognized at a European competition.

Lenovo's smart glasses prototype has battery at neck

Jul 28, 2014

China's PC giant Lenovo last week offered a peek at its Google Glass-competing smart glass prototype, further details of which are to be announced in October. Lenovo's glasses prototype is not an extreme ...

Sapphire talk enlivens guesswork over iPhone 6

Jul 27, 2014

Sapphire screens for the next iPhone? Sapphire is second only to diamond in hardness scratch-proof properties, used in making LEDs, missiles sensors, and on screens for luxury-tier phones. Last year, the ...

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

Bob_Kob
Nov 10, 2009
This comment has been removed by a moderator.
moj85
1.7 / 5 (3) Nov 10, 2009
But I thought things made by apple were completely and utterly unable to get viruses?!

Oh wait, false advertising.
mjporter
3 / 5 (1) Nov 10, 2009
From what I understand it got in via people who hadn't changed the password on their SSH software from the default. I'm sure any "guarantee" that you won't get a virus doesn't cover your own stupidity using 3rd party software... ;)
RayCherry
not rated yet Nov 25, 2009
Moj85 & Porter, you both make good points. Mac's have been very resistent in the past, even if they were supported by university developed anti-virus software. However, Apple has permitted the reoccurance of a problem they have faced before - third party software being careless about network security. In 1990, Adobe Illustrator (if memory serves) came with a surprise bonus for the Mac. A virus that was supplied by the Apple supply chain direct to users. Today, Apple is heralding the success of the AppStore, but who is really "minding the shop"?

Apple is not alone, and soon other big names will be able to repeat some of the industry's greatest mistakes by providing inadequately tested software to mainstream supply chains - much to the delight of virus writers globally.

Time to take a step back, 'hold the phone', and ask how can we prevent personal disasters for the users, and economic repercussions during this particularly vulnerable period.