First iPhone worm only affects jailbroken devices

The first worm written for Apple Inc.’s iPhone has been unleashed and is infecting phones in Australia.

However, the worm, known as Ikee, is only a threat to users who have jaibroken their phones to let them run unauthorized software, security experts say.

Related stories:

Jailbreaking your iPhone unlocks 9 awesome features

Jailbreaking too tempting for many iPhone users to pass up

How to make your cell phone completely spam free

In fact, Ikee doesn’t do anything particularly bad — it changes the victim’s wallpaper to a photograph of 80s singer Rick Astley and then seeks out other phones to infect — but it could be modified to do something more dangerous such as stealing sensitive information from the iPhone. “There is a real danger that someone could take this code and make it do something malicious,” said Graham Cluley, a technology consultant with security vendor Sophos.

The worm does not affect most iPhone users; only those with jailbroken iPhones that are running a Unix utility called SSH (Secure Shell) with the iPhone’s default password, “alpine,” still in use. SSH lets someone connect to the iPhone remotely over the Internet, so installing this software with the default password in place is akin to adding an unlocked back-door to the device. It doesn’t affect users who use the phone in conjunction with Network Address Translation (NAT), a popular networking technology that lets many users share the same IP address.

Security experts have known about this particular risk for some time now. Last week a Dutch hacker started hacking into iPhones that were vulnerable to this attack and demanded

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.