backtop


Print 21 comment(s) - last by PrinceGaz.. on Nov 9 at 6:55 PM


Owners of jailbroken iPhones who haven't changed their passwords have been rickrolled by a new worm.  (Source: Sophos)
Worm is first known iPhone worm, originated in Australia, may be spreading overseas

Rick Astley, an English singer-songwriter and musician, first became famous for his 1987 hit "Never Gonna Give You Up".  The music industry in the 1990s gave up on Astley, but Astley didn't give up on it.  He managed to recapture attention in 2007 thanks to one of the most infamous viral video crazes.  Links popped up all around the internet to Astley's hit and the term "rickrolling", originally referring to tricking people into watching the video, became a common colloquialism.

Now an internet worm is achieving what Apple has been unable to do -- punish those with jailbroken iPhones (phones freed of Apple's app restrictions).  Sophos, a leading security firm, appears to be the first to have investigated the amusing virus.  The virus, which "rickrolls" users, changing their wallpaper to an image of Rick Astley.  It appears to do little else other than spreading to other jailbroken iPhones in the user's contact list.

The worm can infect any jailbroken iPhone with SSH installed and an unchanged default password.  The password on jailbroken iPhones defaults to "alpine".  Users can change this by installing the MobileTerminal app, available from the Cydia undergound app store, and typing the command passwd.

While the Rick Astley worm appears to be mostly confined to Australia at this point, European iPhone users with jailbroken phones received a similar surprise last week.  A Dutch hacker sent numerous users with jailbroken iPhones a message, demanding they pay him 5 euros.  Like the Astley virus, the hacker took advantage of the fact that many users have jailbroken iPhones with unchanged passwords.  A "trivial" port discovery and login via the SSH protocol later, the hacker was able to post his ransom demand.

The hacker has since recanted and stopped asking people for Paypal payments, and has now posted free instructions of how to protect jailbroken iPhones.  While these incidents may have been mere annoyances, its seems only a matter of time before an actual malicious virus is unleashed on the jailbroken iPhone community.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: That's what your get...
By PrinceGaz on 11/9/2009 3:33:41 PM , Rating: 5
It is not Apple's fault. For this worm to work, the user must have first jailbreaked the device, then used Cydia (or similar) to install OpenSSH, and then despite knowing the device can be logged into as root with a well known password, not bothered to either change the password or to turn SSH off using something like SBSettings.

Would anyone here really be stupid enough to leave the root account wide open on their iPhone/iTouch by installing OpenSSH and not realising the risk it poses?


RE: That's what your get...
By mydogfarted on 11/9/2009 3:45:55 PM , Rating: 1
Exactly. It would be like blaming GM because someone stole a dozens of Impalas because people left the windows open, with the keys in the ignition.


RE: That's what your get...
By Noubourne on 11/9/2009 4:06:04 PM , Rating: 2
Your analogy would only work if it was necessary to open the windows with your key in the ignition in order to shift an Impala into Park.


RE: That's what your get...
By drycrust on 11/9/2009 4:11:40 PM , Rating: 5
quote:
because people left the windows open, with the keys in the ignition


I disagree, it is more blaming GM because they said you should not modify the car, and then people went and fitted racing slicks to the car, then those people crashed while driving in the wet.


RE: That's what your get...
By sc3252 on 11/9/2009 4:53:36 PM , Rating: 2
I didn't know ssh wasn't installed by default(I don't own a iphone or have I used one). I guess people shouldnt be jail breaking if they have no clue about open ports or services running in the background. Is it required to install SSH or are people just installing it for the hell of it because they think they need it?


RE: That's what your get...
By PrinceGaz on 11/9/2009 6:55:04 PM , Rating: 2
Many people install SSH because it provides a convenient way to freely access the entire file-system of the iPhone from another computer. Quite a few people who jailbreak might be reading some sort of potted guide on how to do it, without realising the implications of some of the steps, but anyone who actually has a genuine use for SSH would surely realise the security implications of allowing access to the entire device via a well known password.

I suppose if someone was following a jailbreaking guide which simply said "Step x. go into Cydia, search for OpenSSH and install it" then ordinary users could be excused for not changing the password or disabling it most of the time (assuming their guide didn't tell them to do either of the both as the following steps).

I'd say that people should not jailbreak unless they are aware of what the risks are, and in particular any risks associated with subsequent installs from Cydia or elsewhere (cracked IPAs for instance).


"Paying an extra $500 for a computer in this environment -- same piece of hardware -- paying $500 more to get a logo on it? I think that's a more challenging proposition for the average person than it used to be." -- Steve Ballmer














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki