Main Menu
Main Page
Forums
New pages
Recent changes
Random page
Help

Glitches
Arbitrary code execution
Pokémon cloning
Pomeg glitch and Glitzer Popping
Tweaking and voiding
Glitches by generation
Glitch categories

References/Resources
Databases
Disassembly projects
The Big HEX List
Pokémon cheat codes
Pokémon glitch terminology
Useful tools
More

Affiliates
Legendary Star Blob 2 (Hakuda) (日本語/Japanese)
Pokémon Speedruns wiki (English)
PRAMA Initiative (Français/French)
MissingNo. Glitch City (Italiano/Italian)
Become an affiliate!

Technical
Site source code

Search Wiki

 

Search Forums

 

Author Topic: First iPhone Worm Found  (Read 1064 times)

0 Members and 1 Guest are viewing this topic.

Fivex

  • Member+
  • *
  • Offline Offline
  • Gender: Male
    • View Profile
First iPhone Worm Found
« on: November 14, 2009, 04:02:22 am »
(source:F-secure)
We have located the first iPhone worm, dubbed as Ikee. It's currently spreading in the wild, but it's only able to infect devices that have been "jailbroken" by their owners. Jailbreaking removes iPhone's protection mechanisms, allowing users to run any software they want.

Affected users will find that their iPhone wallpaper has been altered to a picture of Rick Astley (of Rickroll fame) and the message "ikee is never going to give you up".

ikee iPhone worm

The worm targets users who have jailbroken their phone but have not changed their default root login password. It will search for vulnerable iPhones by scanning a handful of IP ranges — most of which are in Australia. At the moment, we have no confirmed reports of Ikee outside of Australia.

After Ikee infects a phone, it disables the SSH service, preventing reinfection.

To protect your jailbroken iPhone, change your root password. Here's how.

The creator of the worm has released full source code of the four existing variants of this worm. This means that there will quickly be more variants, and they might have nastier payload than just changing your wallpaper or might try password cracking to gain access to devices where the default password has been changed.

SCf3

  • Member+
  • *
  • Offline Offline
  • Gender: Female
  • I like shorts! They're comfy and easy to wear.
    • View Profile
Re: First iPhone Worm Found
« Reply #1 on: November 17, 2009, 05:19:36 pm »
Haha oh rick astley....that sounds fun? And bad? :o
thank god i dont have an iphone. itouch ftw
Posts:  1,023 (1.746 per day) Date Registered:  May 08, 2006, 02:54:50 am


IIMarckus

  • Administrator
  • *****
  • Offline Offline
  • Gender: Male
  • Impersonal Text
    • View Profile
    • iimarck.us
Re: First iPhone Worm Found
« Reply #2 on: November 17, 2009, 10:59:35 pm »
This is not due to a hole or anything, it only affects people who were too stupid to change the default password for SSH.

MissingNo

  • A003 KEY SEQUENCE IS NOT VALID
  • Oldbie
  • *
  • Offline Offline
  • Gender: Male
  • is your local kotaKat
    • View Profile
    • Me!
Re: First iPhone Worm Found
« Reply #3 on: December 12, 2009, 11:56:32 am »
This is not due to a hole or anything, it only affects people who were too stupid to change the default password for SSH.

Coming in a month late but - it's also only affecting people too stupid enough to install - and then leave open - SSH. If you didn't have SSH installed (or turned off when not in use), you're a hellofalot more safe than someone leaving SSH open.

It's also partially a cellular network issue - why - just WHY - would you assign a device a public IP address, knowing its' capabilities?

AT&T hides their devices on the network behind several gateways - you have an internal 10.x IP (haven't confirmed if I can ping other AT&T devices inside this network with my FUZE yet) and an outward-facing gateway IP that you share with thousands of others.

Sprint... gives you public IPs. Not too hard to enable Telnet or SSH on a Pre... and then allow it to listen on said public interface - but you as the user must manually perform that step in a terminal as-is, compared to iPhone - with a one-swipe of the "On" switch turning on SSH to all interfaces and IPs.