Article

First iPhone worm 'Ikee' out in the wild, affects Jailbroken devices

SearchSecurity.in Staff

Antivirus vendor F-Secure Corporation claims to have located the first iPhone worm, which is currently spreading in the wild. Titled 'Ikee', the iPhone virus is able to infect only those devices which have been 'Jailbroken' by their owners. Jailbreaking essentially removes iPhone's inbuilt protection mechanisms, which allows users to run software of their choice.

Ikee alters the affected iPhone's wallpapers to a picture of Rick Astley (of Rickroll fame). It also generates the message "ikee is never going to give you up" along with the picture. After Ikee infects an iPhone, it disables the SSH (Secure Shell) service, preventing re-infection. "The worm targets users who have jailbroken their phone but have not changed their default root login password. It will search for vulnerable iPhones by scanning a handful of IP ranges - most of which are in Australia. At the moment, we have no confirmed reports of Ikee outside of Australia," informs Chia Wing Fei, the senior response manager of F-Secure Security Labs.

Requires Free Membership to View

Users of Jailbroken iPhones should change root passwords by installing the MobileTerminal, a terminal emulator application for the iPhone.
,
F-Secure claims that Ikee's creator has released the full source code for four existing variants of this worm. This creates the possibility of more deadly variants.

Fei suggests that users of Jailbroken iPhones should change root passwords by installing the MobileTerminal, a terminal emulator application for the iPhone. MobileTerminal is available for download from the terminal's download page or at F-Secure's cached copy.

The iPhone's root password can be changed using MobileTerminal with the following steps:

1. Install the MobileTerminal Package.

2. Run MobileTerminal – this program will be on your SpringBoard are called "Terminal".

3. Obtain Administrator Access - run "sun root" and provide the root password. The default password as provided by Apple is "alpine".

4. Change the root Password – run "password" and type in your new password twice. Please note that your key presses will not be displayed on the terminal screen for security reasons.

5. Change the mobile Password – this is the regular user account on the device. Run "passwd mobile" and repeat as directed above.

6. Close MobileTerminal.