1. ST79's Avatar
    The world's first iPhone virus is reported to be in the wild, targeting users who have cracked, or jailbroken, their phone.

    The virus, which so far appears to be confined to Australia, changes the users wallpaper to an image of 1980s pop star Rick Astley, and displays the message Ikee is never gonna give you up.

    Only those users who have cracked, or jailbroken, their phones and not changed their passwords from the default "alpine" can be affected.

    Security firm Sophos said that once in place, the worm attempts to find other iPhones on the mobile phone network that are similarly vulnerable, and installs itself on them.

    "This is a wake-up call to iPhone users around the world to take greater care about their security - especially if they jailbreak their phones," said Sophos senior technology consultant, Graham Cluley.

    "Businesses also need to ensure that they don't have staff who are endangering corporate data by running insecure smartphones. Other inquisitive hackers may also be tempted to experiment, and could take the code of ikee and adapt it to have a more sinister payload."

    Sophos researchers have traced the virus back to Ashley Towns, 21-year-old student from New South Wales. Towns admitted to releasing the worm on his Twitter page, saying that he did so because he found that 26 out of 27 accessible iPhones he had tested were vulnerable because they had not changed their passwords.

    Finnish security firm F-Secure has also warned about the virus, and advised iPhone users to expect further attacks.

    "The creator of the worm has released full source code of the four existing variants of this worm. This means that there will quickly be more variants, and they might have nastier payload than just changing your wallpaper or might try password cracking to gain access to devices where the default password has been changed," the firm said in a blog post.

    World's first iPhone virus surfaces - Yahoo! News UK
    11-09-09 10:13 AM
  2. pks's Avatar
    Why is this posted in the Bold 9000 forum? LOL

    Posted from my CrackBerry at wapforums.crackberry.com
    11-09-09 10:17 AM
  3. jlsparks's Avatar
    Good reading for corporate IT folks worldwide. Thanks for the link.
    11-09-09 10:17 AM
  4. ST79's Avatar
    Why is this posted in the Bold 9000 forum? LOL

    Posted from my CrackBerry at wapforums.crackberry.com
    Just an information mate... Lot of people on here use both devices...
    11-09-09 10:19 AM
  5. montecarloss919's Avatar
    I dont think to many IT people should be concerned...Its only jailbroken/ cracked phones...hopefully corp iphone users arent unlocking their phones
    11-09-09 10:46 AM
  6. scis30's Avatar
    2 questions.
    1) a guy. named Ashley? really?
    2) how do i change the PW, i'm running 3.1.2 unlocked with blackra1n
    11-09-09 11:07 AM
  7. stuaw11's Avatar
    as above:

    1) must be jailbroken which is a small % of total iphones

    2) must use Open SSH, an even small % of the small % above

    3) must be using the stock "alpine" password and have never changed it, even smaller % of the % from 1 and 2

    This is a VERY small group of users this could maybe possibly effect. May be a worm, but its not the typical PC worm which can get most computers.
    11-09-09 11:46 AM
  8. alexs0fly's Avatar
    Funny and scary at the same time

    Posted from my CrackBerry at wapforums.crackberry.com
    11-09-09 11:49 AM
  9. stuaw11's Avatar
    Well i dont know what people expected.

    SSH is basically like leaving your back door of your house open and when someone walks in and robs you, you cry. If you install SSH to hack the phone you should know the risks. Even more so you know the risks if you leave SSH open ALL the time (there are ways to turn it off like SBSettings toggle in Cydia). I ALWAYS has mine off when I wasnt using it (before changing my stock password, and even now). Anyone who installs it should know its the way into your phone filesystem

    And people wonder why stuff like this happens to them...they leave the back door wide open for anyone to walk in because they dont know what theyre doing.
    11-09-09 12:53 PM
  10. Entrical's Avatar
    Lol. Wonder how many people got rick rolled?

    Posted from my CrackBerry at wapforums.crackberry.com
    11-10-09 11:26 AM
  11. montecarloss919's Avatar
    2 questions.
    1) a guy. named Ashley? really?
    2) how do i change the PW, i'm running 3.1.2 unlocked with blackra1n
    If you search around, the guy who hacked the peoples iphones put a how to online. I 'd look on engadget and tuaw.com if you cant find it online
    11-10-09 04:07 PM
  12. John Yester's Avatar
    11-11-09 11:49 PM
  13. Branta's Avatar
    Nearly two weeks after the iKee.A incident, on 18 November, a new and more malicious iPhone malware was spotted by XS4ALL across parts of Europe [0]. This new malware, named iKee.B, or duh (the name of the bot's primary binary), was based on a nearly identical design of the iKee.A worm. However, unlike iKee.A, this new malware includes command and control (C&C) logic to render all infected iPhones under the control of a bot master. This latest Phone malware, though limited in its current growth potential, offers some insights into what one day may become a widespread threat, as Internet-tethered smartphones become more ubiquitously available.
    Full document
    12-21-09 05:42 PM
  14. Username00089's Avatar
    Great find.

    Usually for the iPhone open SSH is used to explore the phone's file through
    a USB connection. But hopefully people have gotten around to iPhone Folders

    This doesn't require open SSH at all. As a matter of fact iPhone folders can be
    used with a vanilla iPhone (not jailbroken).

    Since all I used open SSH for was to explore, the program has replaced that
    so luckily I was able to just get rid of open SSH all together. Hopefully others
    do the same.
    12-21-09 06:18 PM
LINK TO POST COPIED TO CLIPBOARD