SpaceGhost Posted November 9, 2009 Report Share Posted November 9, 2009 http://www.macrumors.com/2009/11/09/first-iphone-worm-affects-jailbroken-iphones-in-australia/ http://images.macrumors.com/article/2009/11/09/093618-rick_astley_worm_background.jpg Antivirus firm Sophos details the first known iPhone worm in the wild, which surfaced in Australia late last week. The worm affects users who have jailbroken their iPhones and installed SSH without then changing the default password and is currently a harmless exploit that simply changes the user's iPhone background to an image of singer Rick Astley, but could be used for much more malicious purposes. The worm, which could have spread to other countries although we have no confirmed reports outside Australia, is capable of breaking into jailbroken iPhones if their owners have not changed the default password after installing SSH. Once in place, the worm appears to attempt to find other iPhones on the mobile phone network that are similarly vulnerable, and installs itself again. In analyzing the worm, Sophos has found multiple variants, as well as numerous comments within the code suggesting that the worm is an experiment to draw attention to the risks faced by users who have not taken appropriate steps to secure their devices. The source code is littered with comments from the author suggesting the worm has been written as an experiment. One of the comments berates affected users for not following instructions when installing SSH, because if they had changed the default password the worm would not have been able to infect them. A forum poster known as ike_x on the Australian forum where the worm was first discussed has taken credit for the exploit and has been assisting affected users with removing it from their systems. Quote Link to comment Share on other sites More sharing options...
JaSSon Posted November 9, 2009 Report Share Posted November 9, 2009 Only if you install SSH. I haven't installed SSH. Quote Link to comment Share on other sites More sharing options...
twistedfocus1647545489 Posted November 9, 2009 Report Share Posted November 9, 2009 I had SSH but I changed the default password. Most SSH programs recommend right in their install instructions to do exactly that, so these people are kind of asking for it. Quote Link to comment Share on other sites More sharing options...
SpaceGhost Posted November 9, 2009 Author Report Share Posted November 9, 2009 Just a public service announcement for my Jailbroken peeps. Quote Link to comment Share on other sites More sharing options...
justinwebb Posted November 9, 2009 Report Share Posted November 9, 2009 I laughed when I read that glad I changed my password when I installed it as I use SSH all the time and could see how it would be so easy to just go into anyone's phone Quote Link to comment Share on other sites More sharing options...
JaSSon Posted November 9, 2009 Report Share Posted November 9, 2009 What exactly is SSH? Quote Link to comment Share on other sites More sharing options...
Mr. Jones Posted November 9, 2009 Report Share Posted November 9, 2009 If you jailbreak and install SSH without knowing better, I hope your Iphone gets cornholed. Quote Link to comment Share on other sites More sharing options...
justinwebb Posted November 10, 2009 Report Share Posted November 10, 2009 What exactly is SSH? Used to view the filesystem on the iPhone and transfer stuff back and forth I use it a lot when doing themes and cracked apps and I agree with jones it's pretty dumb to just leave it with the default password I thought the mac enthusiast people were smarter then this Quote Link to comment Share on other sites More sharing options...
Mr. Jones Posted November 10, 2009 Report Share Posted November 10, 2009 Used to view the filesystem on the iPhone and transfer stuff back and forth I use it a lot when doing themes and cracked apps and I agree with jones it's pretty dumb to just leave it with the default password I thought the mac enthusiast people were smarter then this Although he is probably only interested in SSH in reference to the haxor, I thought I'd include the gay rudimentary wiki link for him to read: http://en.wikipedia.org/wiki/Secure_Shell Quote Link to comment Share on other sites More sharing options...
Putty Posted November 10, 2009 Report Share Posted November 10, 2009 I have openSSH on my phone. Use it all the time. I remote to the file system with it. Great product. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.