First iPhone Virus Hits Jailbroken iPhones Across Australia

The first known actual iPhone worm has been spreading across jailbroken iPhones in Australia late last week. The worm seeks out jailbroken iPhones with SSH installed in which the default password has not been changed, and installs itself on the device. Once installed, it changes the background to an image of Rick Astley and looks for other phones on the network to install itself on, though it has the potential to be used for more malicious things.

Antivirus firm Sophos has examined several instances of the worm, and has found multiple variants. They also found comments in the code suggesting that this was an experiment, and was created as a stunt to spotlight how insecure most jailbroken iPhones are.

A forum member on the Australian forum where the exploit was first discussed by the alias ike_x has taken credit for the worm and has been assisting users in removing it.

One individual going by the online surname JD interviewed Ikee over IRC chat, and published it to his blog, in which Ikee answers questions like why he did it.

First i was curious to how far something like this would actually spread, i think what most people were unaware of is the fact it IS a worm and every phone that got infected with it was spreading it (I initially only infected 3 phones when I woke up i checked google and found out a fair few people were hit with it)
[09:05] Secondly i was quite amazed by the number of people who didn’t RTFM and change their default passwords.

So far, there have been no reports of the worm outside of Australia.

[via TUAW]

View the comments on the forum…