RSS Alerts

Share

More services

Related Links

Related Stories

  • DeviceLock reduces data loss via iPhone and Blackberry local synchronisation
    DeviceLock, a provider of endpoint data loss prevention software solutions, has said that version 6.4.1 of its DeviceLock software delivers “highly granular, interface-independent control over local data synchronisations” between iPhone, iPod touch mobile devices and corporate endpoint computers.
  • The iPod and iPhone could be used for hacking
    Applications on the Apple iTunes website are arguably what makes the iPhone so popular in mobile phone circles, but a growing number of users are unlocking (jailbreaking) their iPhones, for the simple reason that it opens up the mobile to third-party applications. This means the iPod and iPhone could be used for hacking.
  • Black Hat: major iPhone hack to be revealed today
    You could never describe the Apple iPhone as totally secure, given the number of jailbreaks that crackers have developed to unlock the popular handset from its partner networks, but researchers at the Black Hat security conference are scheduled to reveal a serious chink in the mobile's armour today.
  • RSA unveils iPhone SecurID application
    RSA, the security division of EMC, has unveiled SecurID Software Token for iPhone Devices which it claims allows the Apple cellular handset to be used an RSA SecurID authenticator.
  • iPhone may be weak link in company information security defences
    Research commissioned by DeviceLock, the end point security company, claims to show that many firms are failing to act on the information security risks that the Apple iPhone poses to their IT resources.

Top 5 Stories

News

First iPhone worm appears - and it's never gonna give you up

09 November 2009

It's taken a while, but the first real iPhone worm has appeared, although its payload appears to be relatively benign - unless that is, you dislike Rick Astley, the 1980s pop star from Newton le-Willows in Lancashire.

The Ikee iPhone worm - which surfaced in Australia earlier this month - only targets users of `jailbroken' Apple iPhones who have not changed the default password after installing the secure shell (SSH) data exchange applet.

Jailbreaking an iPhone is the name for the process of unlocking the handset from its network and allowing any SIM cards to be used with the iPhone. The process also allows applications - known as apps - to be sourced and loaded from sites other than the Apple App Store.

The payload of the Ikee iPhone worm appears to be benign in that it loads a picture of Rick Astley - famed for his 1987 hit `never gonna give you up' - and whose music career rebounded when, in 2007, the song was subject of a viral internet posting in which an estimated 25 million users were tricked into watching his video.

The trick was perpetrated by posting the music video under the name of other popular video titles and soon became known as Rickrolling.

The viral process - copied by others - became so popular that on 1 April last year, the YouTube video portal pranked its users by making every featured video on the front page a Rickroll.

The payload on the Ikee iPhone worm changes the background on the iPhone to the promo picture used in the Rickroll campaign, and then hunts out other iPhones on the network to infect.

In a Sunday blog posting by Graham Cluley, Sophos' senior technical consultant, he said that at least four variants of the Ikee iPhone worm have been spotted.

One of the iPhone worm variants, Cluley said, tries to hide its presence by using a filepath suggestive of the Cydia application.

Infosecurity notes that the iPhone worm source code is peppered with comments from the author suggesting the iPhone worm has been written as an experiment.

One of the comments apparently berates affected users for not following instructions when installing SSH, because if they had changed the default password the iPhone worm would not have been able to infect them.

According to the Sophos blog posting, on each installation, the iPhone worm - written by a hacker calling themselves `ikex' - "changes the lock background wallpaper to an image of Rick Astley".

The message - ikee is never going to give you up - then appears.

"What's clear is that if you have jailbroken your iPhone or iPod Touch, and installed SSH, then you must always change your root user password to something different than the default, `alpine'. In fact, it would be a good idea if you didn't use a dictionary word at all", said Cluley in his blog posting.

This article is featured in:
Application Security • Wireless and Mobile Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012