Users of insecure, jailbroken iPhones are reporting their smartphones have been hit by a worm that turns their lock wallpaper to that of 1980s pop star Rick Astley.
Users of insecure, jailbroken iPhones are reporting their smartphones have been hit by a worm that turns their lock wallpaper to that of 1980s pop star Rick Astley.It may seem mostly harmless with its wallpaper-changing payload, but the first-ever worm to spread via iPhones could be an omen of more sinister attacks to come.
SophosLabs is warning iPhone users who have jailbroken their devices to ensure they have not left their smartphones open to infection.
Affected users in Australia have reported the wallpaper shown when they lock their iPhones is changed to an image of 1980s British pop star Rick Astley, with a message:
"ikee is never going to give you up"
Wallpaper of Rick Astley displayed by the ikee iPhone worm
The worm, which could have spread to other countries, is capable of breaking into jailbroken iPhones if their owners have not changed the default password ("alpine") after installing SSH. Once in place, the worm hunts for other iPhones that are similarly vulnerable on the mobile phone network, and installs itself again.
This isn't the first time hackers have taken advantage of poorly secured jailbroken iPhones that have not had their SSH passwords changed. About a week ago, iPhone users in the Netherlands were told they would have to pay 5 Euros ransom to gain control of their cellphones after a hacker used a similar trick -- although on that occasion the attack did not spread in a viral manner.
This latest incident, however, raises the stakes -- and it wouldn't be hard to imagine that more hackers might become intrigued about the possibility of striking jailbroken iPhones in this fashion to deploy more sinister payloads than an image of Rick Astley in future.
Analysts at SophosLabs are continuing to examine the iPhone worm's code, and new information is being published on my blog on the Sophos Website.
Graham Cluley is senior technology consultant at Sophos, and has been working in the computer security field since the early 1990s. When he's not updating his other blog on the Sophos website, you can find him on Twitter at @gcluley. Special to Dark Reading.
Read more about:
2009About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024