1. patches152's Avatar
    Worm Attack Rickrolls Aussie iPhones - InternetNews.com

    The first known worm for the iPhone burrowed into "jailbroken" versions of the popular smartphone in Australia, according to reports.
    The worm, purportedly created by 21-year-old Sydney Web designer Ashley Towns and dubbed "ikee," only affects versions of the iPhone that users have "jailbroken" to customize or run non-Apple-sanctioned apps.
    The attack does not compromise data on the iPhone -- instead it's the latest incarnation of the Internet "Rickrolling" gag, which typically dupes Web surfers, forum members, e-mail recipients and other netizens into viewing a clip of pop star Rick Astley's "Never Gonna Give You Up" video.
    In the case of ikee, the attack changes users' iPhone wallpaper to a picture of Astley with a tag line referring to his top hit, according to the Australian Daily Telegraph.

    Once in place on an iPhone, the virus tries to find other iPhones on the same mobile network that are vulnerable and installs itself, according to a blog post by Graham Cluley, a senior technology consultant at security firm Sophos.
    The worm has not been reported to have spread outside of Australia.
    Towns outed himself as the worm's creator on Twitter, using the moniker Ikeeex, and saying he created the attack to alert people to the importance of having secure passwords to protect personal data.
    Cluley's analysis of the worm may back up that claim. In his blog post, the researcher said that the worm's source code contained comments by the author suggesting it had been "written as an experiment."

    "One of the comments berates affected users for not following instructions when installing SSH, because if they had changed the default password the worm would not have been able to infect them," Cluley wrote.
    Given the parameters of the virus, another industry watcher agreed the code is not very malicious.
    "It only compromises phones that users have hacked in a way that breaks the terms of Apple's end user licensing agreement -- specifically the act of 'jailbreaking' their iPhone," Jamie de Guerre, CTO of mobile messaging security firm Cloudmark, said in a statement. "Further, it does not capitalize on a software vulnerability, rather just on user negligence to change the default password of the remote access software made available after jailbreaking their phone."
    While Apple has sometimes come under fire for running a closed system for the iPhone, de Guerre said it also may be why the iPhone has not been a prime target.
    "Apple's process of a closed model definitely reduces the risk of malicious apps showing up on user devices," de Guerre told InternetNews.com.
    News of the Australian hacker comes on the heels of another attack localized on Dutch jailbroken iPhones.
    With the popularity of smartphones on the rise, the threat of attacks also looms ever larger. Still, de Guerre said he believes the mobile industry so far has been proactive.
    "It's a basic principle of security -- the more popular the medium, the more likely there will be attacks, and that's true with smartphones," he said. "Now with application downloads, it opens up more risks. Having said that, the mobile industry is doing a great job of being aware of that and putting in place defenses. That's why what we've seen is usually on devices that are jailbroken."
    sucks to be an austrailian iphone user i guess....anyway, good for lulz.
    11-12-09 01:35 AM