There has been a new worm that is targeting specifically jailbroken iPhones reported in Australia today. The worm is named after its creator Ikee.
The Ikee worm doesn't seem to do anything harmful to the iPhone other than changing the wallpaper to the infamous Rick Astley just as an annoyance. While the worm is invasive and a nuisence I have to agree with the purpose it is driven by. It targets iPhones via SSH and spreads just like any worm would from iPhone to iPhone. But Ikee created this worm to point out how unsecure people are being while jailbreaking their iPhones. So many users are not taking security seriously and changing their root password when installing OpenSSH on their phones causing them to be easily accesable by any 5 year old with a computer.
Basically the moral of this story is always change your root password to something more secure than the default password. We are lucky that this was a more honest hacker and no information was being stolen from the infected iPhones, that we know of. But in the future it could be your credit card, bank account, or any other number of private information that could be tracked and stolen.
So we ask that all users please follow these simple instructions to change your root password:
- Download Terminal.app from Cydia or use some other SSH terminal program for Mac/PC and access your iPhone.
- Enter the command passwd into the terminal.
- It should ask for your current password which should be "alpine" by default.
- Then it should ask for you to enter your new password.
- Process complete!
By following these steps it will make it much harder for any playful or malicious hacker to ever infiltrate your iPhone and have a look around!
I think they should force all jailbreaker to change the default SSH password. This is not the first time a security loophole exist because of the default password.
This isn’t sufficient – you need to change the password for the root AND mobile accounts!
First, be root – password is alpine:
$ su
Then run passwd twice to change each password:
# passwd
# passwd mobile
thanks for the tip and the process of changing the password.
How do these worms spread from iphone to iphone ? Is it possible my iphone get infected from someone even if i dont install ssh.
Thnks
Rick Astleys never gonna give you up! Never gonna let you down! Never gonna turn around and dessert you!
are the iPod Touches vulnerable to this worm as well? I changed my password either way but im just curious
I installed Mobile Terminal on my iPhone and changed the password but when connecting with WinSCP it still uses the original password so there must be some other place to change the password.
I downloaded PuTTy for Windows and connected with it and changed the password and it did change it.
Thanks for the tip, I guess here in asia people might have never heard of Rick Astleys
The above process will only change the mobile password. In order to change root password, type ‘login’ command (without quotes) and then press enter. Now type ‘root’ (without quotes) as your login and ‘alpine’ as your current root password. Once you have logged in as root, type ‘passwd’ command (without quotes) again and press enter. It will now prompt you to enter a new password (twice). Simply enter your desired new password and you should be all fine. It is highly recommended that you change, both your mobile and root passwords to make sure you are completely safe from any outside SSH attack.
how to remove the worm ?
cool trick