Ikee alters the affected iPhone's wallpapers to a picture of Rick Astley (of Rickroll fame). It also generates the message "ikee is never going to give you up" along with the picture. After Ikee infects an iPhone, it disables the SSH (Secure Shell) service, preventing re-infection. "The worm targets users who have jailbroken their phone but have not changed their default root login password. It will search for vulnerable iPhones by scanning a handful of IP ranges - most of which are in Australia. At the moment, we have no confirmed reports of Ikee outside of Australia," informs Chia Wing Fei, the senior response manager of F-Secure Security Labs.
Fei suggests that users of Jailbroken iPhones should change root passwords by installing the MobileTerminal, a terminal emulator application for the iPhone. MobileTerminal is available for download from the terminal's download page or at F-Secure's cached copy.
The iPhone's root password can be changed using MobileTerminal with the following steps:
1. Install the MobileTerminal Package.
2. Run MobileTerminal – this program will be on your SpringBoard are called "Terminal".
3. Obtain Administrator Access - run "sun root" and provide the root password. The default password as provided by Apple is "alpine".
4. Change the root Password – run "password" and type in your new password twice. Please note that your key presses will not be displayed on the terminal screen for security reasons.
5. Change the mobile Password – this is the regular user account on the device. Run "passwd mobile" and repeat as directed above.
6. Close MobileTerminal.