Jailbroken iPhone? SSH installed? Beware of worms!
A worm has been discovered that currently seems to change the background wallpaper of jailbroken iphones as a proof-of-concept attack, but exposes a vulnerability in the iPhone.
Along with Apple's growing popularity, the various platforms Apple produces (iPhone, iPod, and Mac OS) are becoming more and more of a target for hackers and malware developers. The latest discovered threat affects jailbroken iPhones which have SSH installed and active, and installs a wallpaper of Rick Astley that has the phrase "ikee is never going to give you up" in red letters.
CNET Editor Caroline McCarthy discussed this new "Rickrolling" prank in an, which comes on the heals of July's .
According to Sophos, the current worm is available in four variants, which suggests more may soon be released. So far the worm does not appear to do anything malicious to affected iPhones, and seems to be more of a proof-of-concept attack than anything else; however, it does expose a vulnerability for those who have jailbroken their systems.
The worm mainly takes advantage of an overlooked security step where people who have enabled SSH have not changed the root password from the default "alpine" to something else. This basically will allow any script to run if it provides this password, so for worried iPhone users here are some simple suggestions:
- Do not jailbreak your iPhone unless you are aware of these and other consequences.
- If you do install or enable SSH, change the root password.
If you have already jailbroken your iPhone and have been affected by this worm, your safest course at this point would be to use iTunes to completely wipe the device and restore. Currently the malware is only a prank, but it will take time for malware detectors such as Sophos to fully analyze the code. Hopefully you have a recent backup of your iPhone that you can restore. Meanwhile, we should expect Apple to address this problem in some form with an update, though they have warned numerous times against jailbreaking iPhones so fixing jailbroken ones may not be on their list of priorities.
AV for iPhone?
Since the iPhone OS is a variant of OS X, and is clearly a target for people bent on exposing or taking advantage of vulnerabilities, does this mean users will someday need to have antivirus enabled on their phones and mobile devices? I imagine solutions such as this will make their way out, but as always the best way to secure your devices is to be smart about them. Installing SSH on your iPhone should be researched and tested before you rely on it and do it.