Fist Malicious iPhone worm out The first ever iPhone worm scared iPhone users worldwide, by exploiting the SSH package on jailbroken iPhones and changing users’ wallpapers with an photo of Rick Astley, an ’80s pop icon, and the text ikee is never going to give you up. Well, for those of you who didn’t take heed and change your SSH password after the first worm, beware – there is another worm out in the wild and this one means business.

What does the worm do?

First, it scans a whole range of IP addresses for vulnerable iPhones, and when it finds them, it easily goes and installs itself on the phones it is able to find. Unlike the first worm, which was obviously written for fun and did nothing more than change the wallpaper, this one is dangerous, and has been spread with malicious intent. Since the SSH exploit gives the worm root access to the phone, almost anything is possible. So far, the worm has been able to steal SMS history and send it back to a botnet server, from where it can receive new commands. This means a remote-controlled worm with root access to your phone. Not good.

Whom does it affect?

This worm will be able to infect any jailbroken iPhone on which the SSH package is installed and the root password is not changed. So far, it has been reported in the Netherlands, on the XS4ALL network, which has advised it’s users of the danger.

What is this SSH exploit anyway?

When you jailbreak your iPhone (which, by the way, is a process meant only for the technically-savvy) and install the SSH package, you are giving yourself a way to access your phone’s root filesystem from the outside. Unfortunately, you’re also allowing anyone root access to your phone, because the default password is “alpine” and everyone knows that. So, in short, SSH is a software that allows you remote root access to your device if you know the password. And if you don’t change the password, you’re in trouble.

What do I do if I already have the worm?

Well, removing the SSH package will not help, because the worm is already inside. So the safest thing to do is to reflash your iPhone using iTunes (you’ll lose all saved data in the process). And next time you jailbreak it, remember to change your SSH password!

Related Posts with Thumbnails

Popularity: 1% [?]

You Should Also Check Out These Posts: