If you’ve got a jailbroken iPhone, listen up: a worm is reported to have broken out in Australia that targets owners who have not changed the default password after installing SSH.
The worm’s behavior is somewhat amusing: it changes your background to a photo of Rick Astley, then looks for other phones on the network to infect. That said, the exploit could easily be used by hackers with malicious intent for more nefarious purposes.
If you have a jailbroken iPhone and you’ve installed SSH without changing the default password (from “alpine”) you need to do so to avoid such attacks. If you have not jailbroken your iPhone or iPod Touch and installed SSH, you are not affected.
Sophos writes of the exploit:
SophosLabs is analysing the worm’s code, which suggests that at least four variants have been written so far. One of the attributes of the latest variant (labelled the “D” version) is that it tries to hide its presence by using a filepath suggestive of the Cydia application.
The source code is littered with comments from the author suggesting the worm has been written as an experiment. One of the comments berates affected users for not following instructions when installing SSH, because if they had changed the default password the worm would not have been able to infect them.
You have been warned!
iPhone Worm Creator Hired as Developer
, Nov 27, 2009 1711 hrs IST
First jailbroken iPhone worm creator will now develop apps for iPhone
Just like Michael 'Mikeyy' Mooney, the Twitter Worm creator got lucky by getting hired, now first jailbroken iPhone worm creator Ashley Towns aka "ike_x" got a job as iPhone Developer. Recently, Towns had alarmed the jailbroken iPhone owners with first iPhone worm. The first worm created by exploiting the loop hole in iPhone OS surely grabbed attention of employers.
Ashley Towns aka ikeeex on Twitter tweeted that he got a job as iPhone Developer. Graham Cluley, security analyst at Sophos Labs, once again criticized this development just like he did in Mooney's case. Cluley pointed out, in the blog post, that the first iPhone worm lead to creation of a new dangerous worm that steals financial information from iPhones and iPod Touch.
Towns will be joining Mogeneration, an iPhone App development company based in Australia.
It is indeed surprising to see the overnight hiring of the worm creator whose prank must've bothered thousands. These young folks exploit the loopholes in the codes of websites or software and then grab attention.
And now, with Town getting hired, several other teenagers may get into such nefarious activities to get money or to be hired by some development company.
Not always one can expect to be rewarded for pointing a loophole and high chances of getting behind bars always exist. Finding and reporting loopholes should be encouraged by companies of the affected product rather than letting some third party reap its benefits.
Most Users Ever Online: 288
Currently Browsing this Page:
Guest Posters: 2
Newest Members:Makguyver, oxygen1, Nicole, Miceal, TalentM, Lewis, TheGovernmentIsHere, Joanna, Leigh Matthews, Jack
Administrators: John Greenewald: 626, blackvault: 1776