First iPhone Worm Discovered, Rickrolls Jailbroken Phones

Unexpof writes "Users of jailbroken iPhones in Australia are reporting that their wallpapers have been changed by a worm to an image of '80s pop icon Rick Astley. This is the first time a worm has been reported in the wild for the Apple iPhone. According to a report by Sophos, the worm, which exploits users who have installed SSH and not changed the default password, hunts for other vulnerable iPhones and infects them. Users are advised to properly secure their jailbroken iPhones with a non-default password, and Sophos says the worm is not harmless, despite its graffiti-like payload: 'Accessing someone else's computing device and changing their data without permission is an offense in many countries — and just as with graffiti there is a cost involved in cleaning-up affected iPhones. ... Other inquisitive hackers may also be tempted to experiment once they read about the world's first iPhone worm. Furthermore, a more malicious hacker could take the code written by ikee and adapt it to have a more sinister payload.'"

Re:So...

[ToasterMonkey]

I don't think this is too surprising, except that it hadn't happened sooner. Large similar populations make for easy targets for viruses. This seems to be a universal. For example, you can see the same principle as mono/multi-culture in agriculture. Compare, say, the diseases apples get with the ones pawpaws get. Apple has always been the minority but here, Apple is the apple. Welcome to having a large marketshare.

This was a problem with the jailbroken sshd config. The people effected by this should not be written off as stupid though! Cellular phone + RTFM or it will get broke into = _serious_ usability flaw. Yes, even something as simple as changing a default password to a remote service on a 24/7 public network connected device. Really, this shows how irresponsible the sshd for iphone package authors were, and why Apple locks things down in the iphone as much as they do. Good job! Now more people will be afraid to jailbreak, and Apple may have to spend more time making sure it can't happen. Way to spoil it for the rest of us.

Go Slashdot!

[red90tsi]

"Other inquisitive hackers may also be tempted to experiment once they read about the world's first iPhone worm."

Yay spread the word slashdot!

Apple doesn't have virus problems

[p51d007]

LOL

this is what I would do

[ILuvRamen]

Since we all know only douchebags spend way too much on a locked down, overly-proprietary piece of crap iPhone to show off to their friends so they think they're cool, I'd like to see a worm that makes it randomly play over the speaker, "Warning! Incoming douchebag! Douchebag over here, watch out!"

Re:Summary: it affects ignorant fools

[BitZtream]

Because the people writing software packages for jailbroken phones don't actually know very much about what they are doing?

The just quickly ported SSH and let it use the default passwords, which aren't unique. Which was fine before the phone had anything that used the password file other than UID info. Now that something is authenticating from it, its a bad thing, the fact that its for remote network access makes it a horrible thing.

There is a reason Apple doesn't want every douche bag in the world to be able to throw apps on someones phone. And now you have an example of why they want things to go through the app store.

Oh well, I stopped jailbreaking mine a long time ago, no real need to anymore other than 'omg apple doesn't control me!%!%@!@%'