AAPL Stock: 124.24 ( + 0.86 )

Printed from

First iPhone worm targets Australians

updated 09:55 am EST, Mon November 9, 2009

Only affects jailbroken devices

The first known iPhone worm has been observed in the wild, reports say. Called Ikee, the worm is considered relatively inoffensive, as it does not steal information or sabotage hardware or software. Instead the package merely changes a phone's wallpaper to a photo of singer Rick Astley before seeking out more points to infect.

The impact of the worm has also been limited to Australia so far, specifically jailbroken phones in the region running SSH while also using an iPhone's default root password. The conditions are similar to those which allowed a Dutch extortion scheme earlier this month; Ikee's author has come forward however, revealing himself as Ashley Towns, an unemployed programmer from Wollogong. "It was supposed to be a small prank I definitely wasn't expecting it to get as far as it did," he comments.

The aim was allegedly to persuade jailbreakers to change their root passwords, thereby making real threats much harder to execute. "A lot of people especially at first thanked me," says Towns. "I think most people are relieved its not out to destroy their phone. I have had a few people abuse me though." The code for the worm has already been published online, which may make it easier to counter.

Apple may use such incidents to support its position on jailbreaking, which it insists is not only a threat to a security but illegal under the DMCA. Critics charge that the locks on iPhone firmware are mainly designed to funnel users to the iTunes Store, where Apple receives royalties for music, movies and applications. Unofficial software markets nevertheless exist for jailbroken iPhones.

by MacNN Staff





  1. climacs

    Joined: Dec 1969



    Avert your eyes! It's Rick Astley!

  1. bleee

    Joined: Dec 1969


    Just sell legally unlocked phones.

    If Apple just sold legally unlocked phones like it does in Hong Kong, than this wouldn't be a problem. The problem is there are no options, I'm sure there are people who would gladly shell out the $650 to buy a legally unlocked phone so that they don't have to deal with jailbreaking.

  1. Gazoobee

    Joined: Dec 1969



    I'm sure you get more page hits this way, but isn't it a bit misleading to *not* mention that this worm is only a threat to jail-broken phones in either the headline or the lead copy? You're just panicking people and revving things up when you make them click on your story only to find out it's not really an iPhone worm at all but a worm specifically for illegally hacked iPhones. Don't be part of the problem, try reporting things as they actually *are* and suffering a few less (panicky) page hits.

  1. dliup

    Joined: Dec 1969



    It's not about unlocking. Plenty of people unlock their iPhone without installing openSSH.

    Besides, OpenSSH contains explicit info to change root password.

    So this is a problem ONLY for the noobs that can't follow simple directions.

  1. Marook

    Joined: Dec 1969


    Not a Worm!

    Simply logging in with a known password can hardly be called a 'worm'.. well, sure it tries to move on, but nothing has been hacked!
    It simply logs in, sets a desktop picture and moves on..

  1. mr100percent

    Joined: Dec 1969


    A small prank?

    A small prank does not start scanning IPs to infect more devices. If he thought it wouldn't get far based on such an effort, he is either a fool or realizing how big of a deal he got himself into

  1. testudo

    Joined: Dec 1969


    Re: Not a worm

    Wait, it connects to the phone, does it's thing, then tries to replicate elsewhere. If that isn't a worm, what is?

    And how does one go from "sets a desktop picture" to "nothing has been hacked". Um, the desktop picture has been hacked.

  1. WiseWeasel

    Joined: Dec 1969


    Vulnerability = OpenSSH + Default Root Password

    In order to be vulnerable, ALL of the following conditions need to be met:
    1) iPhone must be jailbroken,
    2) User must install OpenSSH from the Cydia (or other installer app) repository, and
    3) User must ignore the warning dialog they were presented when installing OpenSSH, instructing them to change the default root password.

    Most users who jailbreak do not install OpenSSH, and so are not vulnerable to this "exploit".

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines


Most Popular


Recent Reviews

Seagate Wireless

It seems like no matter how much internal storage is included today's mobile devices, we, as users, will always find a way to fill th ...

Brother HL-L8250CDN Color Laser Printer

When it comes to selecting a printer, the process is not exactly something most people put a lot of thought into. Printers are often t ...

Moshi iVisor AG and XT for iPad Air 2

Have you ever tried to put in a screen protector that relies on static to cling to the screen? How many bubbles and wrinkles does it h ...


Most Commented