iPhone Worm Rickrolls Jailbroken Phones

A mischievous iPhone worm that targets Australian jailbroken phones is changing the phone's wallpaper to an image of Rick Astley.

Above the changed wallpaper is the text, "ikee is never going to give you up," according to security company Sophos. According to a post from the company, which includes an image of ikee's effect, the phone searches for jailbroken phones whose users have not changed the default password after installing SSH, a tool used to remotely log in to computers and other devices. Like other worms, after finding a victim phone it will automatically attempt to find other phones to infect.

Per Sophos, the worm can only infect jailbroken iPhones that have SSH installed, and other phones will not be affected.

According to Computerworld's Australian site, the prankster creator is a 21-year-old programmer named Ashley Towns. Towns said he created the worm out of "curiosity and boredom," according to the article.

Neither Sophos nor F-Secure, which also put up a post on the worm, says it has yet seen ikee pop up outside of Australia. However, F-Secure says Towns has released the full source code for four different variants, so the worm may well spread.

Installing SSH on a jailbroken phone without changing the default password is the digital equivalent to installing a new door on your house and hanging the key to the lock from the door handle. Breaking in would not require complicated machinations, but only a simple login over the network using the already-known password. F-Secure has posted instructions on how to change the root password.

This simple worm ties back to the early days of computer malware, when creations like the Melissa worm didn't have a direct malicious intent. Melissa's major disruptions came as a secondary effect when the e-mails it sent flooded and clogged networks.

But aside from novel throwbacks like ikee, today's malware game has changed. It's out to quietly make a buck by stealing passwords or sending spam, rather than make a splashy statement.

Subscribe to the Security Watch Newsletter

Comments