New "Malicious" variant of the Rickrolling worm now available

Another iPhone worm similar to the "Rickrolling" malware has been found targeting users in the Netherlands. The BBC is reporting on this variant of the threat, calling it "Clearly malicious" because it attempts to both remotely control affected iPhones and also steal personal information such as bank login IDs.

CNET Reporter "Don Reisinger" wrote about the new threat in an article earlier today.

Without going into too much detail, like other variants of this malware, it requires you to have jailbroken your iPhone, installed SSH, and then not changed the root password. For people who have not jailbroken their iPhones, this problem is a non-issue; however, for those who have it would be best to revert the iPhone back to factory settings. Alternatively, you can try to change the root password, but even if successful there may be other unforeseen vulnerabilities with the jailbroken software that may allow for further attacks and instabilities.

The factory settings are the most secure way to run your iPhone, since for now there are no ways to scan for and remove malware that has made its way onto the devices. I am sure security firms like Intego and Sophos are interested in developing such programs, but I imagine there are a number of hurdles for them to jump through before this is possible (for instance, an effective one would essentially have to jailbreak the phone).

For now, our best advice is to avoid jailbreaking your iPhone.

Questions? Comments? Post them below or email us!
Be sure to check us out on Twitter and the CNET Mac forums.