First iPhone worm found

BANGALORE, INDIA: F-Secure has located the first iPhone worm, dubbed as Ikee. It's currently spreading in the wild, but it's only able to infect devices that have been 'jailbroken' by their owners. Jailbreaking removes iPhone's protection mechanisms, allowing users to run any software they want.

Affected users will find that their iPhone wallpaper has been altered to a picture of Rick Astley (of Rickroll fame) and the message "ikee is never going to give you up".

Chia Wing Fei, senior response manager of F-Secure Security Labs said, "The worm targets users who have jailbroken their phone but have not changed their default root login password. It will search for vulnerable iPhones by scanning a handful of IP ranges - most of which are in Australia. At the moment, we have no confirmed reports of Ikee outside of Australia."

After Ikee infects a phone, it disables the SSH service, preventing re-infection.

The creator of the worm has released full source code of the four existing variants of this worm. This means that there will quickly be more variants, and they might have nastier payload than just changing your wallpaper or might try password cracking to gain access to devices where the default password has been changed.

Fei suggests users to change root password to protect your jailbroken iPhone,

1.    Install MobileTerminal Package

2.    Run MobileTerminal – this program will be on your SpringBoard are called "Terminal"

3.    Obtain Administrator Access  - run "sun root" and provide the root password. The default password as provided by Apple is "alpine"

4.    Change the root Password – run "password" and type in your new password twice. Please note that your keypresses will not be displayed on the terminal       

       screen for security reason

5.    Change the mobile Password – this is the regular user account on the device. Run "passwd mobile" and repeat as directed above

6.    Close MobileTerminal