backtop


Print 21 comment(s) - last by PrinceGaz.. on Nov 9 at 6:55 PM


Owners of jailbroken iPhones who haven't changed their passwords have been rickrolled by a new worm.  (Source: Sophos)
Worm is first known iPhone worm, originated in Australia, may be spreading overseas

Rick Astley, an English singer-songwriter and musician, first became famous for his 1987 hit "Never Gonna Give You Up".  The music industry in the 1990s gave up on Astley, but Astley didn't give up on it.  He managed to recapture attention in 2007 thanks to one of the most infamous viral video crazes.  Links popped up all around the internet to Astley's hit and the term "rickrolling", originally referring to tricking people into watching the video, became a common colloquialism.

Now an internet worm is achieving what Apple has been unable to do -- punish those with jailbroken iPhones (phones freed of Apple's app restrictions).  Sophos, a leading security firm, appears to be the first to have investigated the amusing virus.  The virus, which "rickrolls" users, changing their wallpaper to an image of Rick Astley.  It appears to do little else other than spreading to other jailbroken iPhones in the user's contact list.

The worm can infect any jailbroken iPhone with SSH installed and an unchanged default password.  The password on jailbroken iPhones defaults to "alpine".  Users can change this by installing the MobileTerminal app, available from the Cydia undergound app store, and typing the command passwd.

While the Rick Astley worm appears to be mostly confined to Australia at this point, European iPhone users with jailbroken phones received a similar surprise last week.  A Dutch hacker sent numerous users with jailbroken iPhones a message, demanding they pay him 5 euros.  Like the Astley virus, the hacker took advantage of the fact that many users have jailbroken iPhones with unchanged passwords.  A "trivial" port discovery and login via the SSH protocol later, the hacker was able to post his ransom demand.

The hacker has since recanted and stopped asking people for Paypal payments, and has now posted free instructions of how to protect jailbroken iPhones.  While these incidents may have been mere annoyances, its seems only a matter of time before an actual malicious virus is unleashed on the jailbroken iPhone community.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: That's what your get...
By sc3252 on 11/9/2009 4:53:36 PM , Rating: 2
I didn't know ssh wasn't installed by default(I don't own a iphone or have I used one). I guess people shouldnt be jail breaking if they have no clue about open ports or services running in the background. Is it required to install SSH or are people just installing it for the hell of it because they think they need it?


RE: That's what your get...
By PrinceGaz on 11/9/2009 6:55:04 PM , Rating: 2
Many people install SSH because it provides a convenient way to freely access the entire file-system of the iPhone from another computer. Quite a few people who jailbreak might be reading some sort of potted guide on how to do it, without realising the implications of some of the steps, but anyone who actually has a genuine use for SSH would surely realise the security implications of allowing access to the entire device via a well known password.

I suppose if someone was following a jailbreaking guide which simply said "Step x. go into Cydia, search for OpenSSH and install it" then ordinary users could be excused for not changing the password or disabling it most of the time (assuming their guide didn't tell them to do either of the both as the following steps).

I'd say that people should not jailbreak unless they are aware of what the risks are, and in particular any risks associated with subsequent installs from Cydia or elsewhere (cracked IPAs for instance).


"I f***ing cannot play Halo 2 multiplayer. I cannot do it." -- Bungie Technical Lead Chris Butcher














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki