The Black Vault Message Forums

Discover the Truth!        

Information Technology / Computer Talk

A New iPhone Worm is Here, And This Time it’s Malicious.

A forum where you can view tech and computer related articles and exchange tips and advice. Need help with a computer problem? This is the forum for you!

Postby rath » Fri Nov 27, 2009 6:02 am

A couple of weeks ago, the first iPhone worm appeared, spreading on jailbroken devices with the SSH application installed (vulnerability being the fact that many users haven’t changed the default root password). As far as worms go, this one was quite benign, merely “rickrolling” users; i.e., changing the background image on the device to an image of Rick Astley.

Now, according to early reports of strange activity by Dutch ISP XS4ALL, and later confirmed by Sophos, there’s a new worm in the wild, and this one is far more malicious.

The new worm is called “Duh” or “Ikee.B”, and it uses the exact same vulnerability as the first one. The fix is thus identical – change the root password in the SSH application to something other than the default, which is “alpine”.

Failing to do so might result in very serious consequences. According to Sophos, Ikee.B is “designed to connect to a server in Lithuania and to follow orders from remote hackers.” It can find vulnerable iPhones on a wide range of IP addresses, including IPs in several different countries, for example the Netherlands, Portugal, Australia (Australia), Austria, and Hungary. Furthermore, it changes the root password on the iPhone to “ohshit” (as discovered by Paul Ducklin, head of technology in Sophos Asia Pacific.)

Users who haven’t jailbroken their iPhone or haven’t installed the SSH application are not affected by this vulnerability.
Posts: 4344
Joined: Thu Apr 09, 2009 11:54 am

Return to Information Technology / Computer Talk

  • View new posts
  • View unanswered posts
  • Who is online
  • In total there are 0 users online :: 0 registered, 0 hidden and 0 guests (based on users active over the past 10 minutes)
  • Most users ever online was 292 on Mon Apr 23, 2012 3:19 pm
  • Users browsing this forum: No registered users and 0 guests