Jailbroken iPhones the target of new malicious worm - updated: new password revealed

Once again takes advantage of iPhones which have SSH installed and have not changed the default password

A new iPhone worm is on the loose and this time it has a sting in it’s tail – it’s malicious.

Security outfit F-Secure is reporting that it has picked up a sample of a malicious iPhone worm with botnet functionality, and like the Ikee worm, it only affects jailbroken iPhones which have SSH installed and have not changed the default password.

The company says the worm connects to a web-based command and control centre running at 92.61.38.16 in Lithuania.

“The worm is not widespread, but it is much more serious than the first iPhone worm as it seems to try to steal information from the devices,” the company reports on its security blog.

“We're working on full analysis and should have it available later.”

The new worm surfaces just weeks after the first iPhone worm, Ikee, emerged targeting Australian jailbroken iPhones changing users' phone wallpaper to an image of Rick Astley.

Email Computerworld or follow @computerworldau on Twitter.

Update: Sophos has reported that the worm, informally known as 'Duh', turns iPhones into zombies.

The company says Duh also changes the password on your iPhone editing the encrypted value of the password in the master password file, so that the new password is never revealed.

"If you're infected with this new iPhone virus, you really ought to say 'Duh', since you could so easily have prevented it by changing your password. You may also think 'ohshit' -- and if you do, the virus writers are having the last laugh, because that's the new root password,' Paul Ducklin, head of technology, Asia Pacific at Sophos.

More about: F-Secure, Sophos, SSH
References show all

Comments

1

Cksoon

Thu 10/12/2009 - 04:19

im from Malaysia..
my iphone

im from Malaysia..
my iphone 2G was infected by this "ikee" virus.
how can i remove it..!!!
please....

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Ikee, iPhone, jailbreaking
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/205/divx-plus/

DivX Plus

Divx Plus 8 provides you with a Web Player which allows you to watch DivX, AVI and MKV videos in your web brower; you can ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia