First ever iPhone worm subjects users to Rick Astley flashbacks
It was only a matter of time wasn’t it? The first ever Apple iPhone worm has infected some users in Australia. The worm has changed their wallpaper to an image of 1980s pop crooner Rick Astley, part of a practice known as “Rickrolling”. The worm is capable of breaking into jailbroken iPhones (see definition below) if their owners have not changed the default password after installing SSH.
SSH is a network protocol that allows someone to remotely control an operating system.
In this case SSH has been installed on these phones allowing remote control but further to that they have the default password of "alpine" so logging in by the hacker becomes simple. Once in place, the worm attempts to find other iPhones on the mobile phone network that are similarly vulnerable, and installs itself again.
It seems the worm does nothing more malicious than spread and change the infected user's lock screen wallpaper. However, that doesn't mean that attacks like this can be considered harmless.
What's clear is that if you have jailbroken your iPhone or iPod Touch, and installed SSH, then you must always change your root user password to something different than the default, "alpine".
The worm will not affect users who have not jailbroken their iPhones or who have not installed SSH.
What is “jailbreaking”?
Jailbreaking is a process that allows iPhone and iPod Touch users to run unofficial code on their devices bypassing Apple's official distribution mechanism, the App Store. Once jailbroken, iPhone users are able to download many applications previously unavailable through the App Store via unofficial installers such as Cydia, Rock App, Icy, and Installer. It is estimated that 4 million (out of 40 million) iPods and iPhones are jailbroken.<1>
This will of course be an open invitation to other hackers to come up with their own worms. We’ll keep you posted!
Jailbreaking is distinct from SIM unlocking, which is the process by which a mobile device is made compatible with telephone networks with which it was not specifically licensed to be used.
You can easily contact us by
email, via our
enquiry form or simply call us on 01373 888 333.
Posted by Lee Edge on 13/10/2009
Back to News