If you’ve got a jailbroken iPhone, listen up: a worm is reported to have broken out in Australia that targets owners who have not changed the default password after installing SSH.
The worm’s behavior is somewhat amusing: it changes your background to a photo of Rick Astley, then looks for other phones on the network to infect. That said, the exploit could easily be used by hackers with malicious intent for more nefarious purposes.
If you have a jailbroken iPhone and you’ve installed SSH without changing the default password (from “alpine”) you need to do so to avoid such attacks. If you have not jailbroken your iPhone or iPod Touch and installed SSH, you are not affected.
Sophos writes of the exploit:
SophosLabs is analysing the worm’s code, which suggests that at least four variants have been written so far. One of the attributes of the latest variant (labelled the “D” version) is that it tries to hide its presence by using a filepath suggestive of the Cydia application.
The source code is littered with comments from the author suggesting the worm has been written as an experiment. One of the comments berates affected users for not following instructions when installing SSH, because if they had changed the default password the worm would not have been able to infect them.
You have been warned!