First iPhone Worm Rick Rolls the Land Down Under
Your humble blogwatcher selected these bloggy morsels for your enjoyment.
Robert McMillan's no stranger to love:
The first worm written for Apple's iPhone has been unleashed and is infecting phones. ... It changes the victim's wallpaper to a photograph of 80s singer Rick Astley and then seeks out other phones to infect ... could be modified to do something more dangerous.
The worm was written Wednesday by Ashley Towns, a 21 year-old unemployed programmer from Wollogong, Australia. ... "It was supposed to be a small prank i definitely wasn't expecting it to get as far as it did." ... Towns wanted to make the point that people should change their default iPhone passwords. ... Once the worm adds the Rick Astley wallpaper, it disables the iPhone's SSH daemon. MORE
Dan Goodin knows the rules, and so do I:
iPhone owners in Australia awoke this weekend to find their devices targeted by self-replicating attacks that display an image of 1980s heart throb Rick Astley ... [with] the message "ikee is never going to give you up," a play on Astley's saccharine addled 1987 hit "Never Gonna Give You Up."
Because the writer released source code for four separate variants, it wouldn't be surprising for copycats in other regions to appropriate the attack code and potentially imbue it with more malicious payloads. Instructions for changing the iPhone's root password are here. MORE
A full commitment's what Josh Carr's thinking of:
Still confused? Let's back up a bit. On jailbroken iPhones, SSH is installable with a package from Cydia that allows you to connect to your phone and make changes to the filesystem. It does this by logging into the root user with the password "alpine."
After installing SSH, it is always recommended that you change "alpine" to the password of your choosing. This hack can only affect people who chose not to change that password. MORE
[You wouldn't get this from any other guy -Ed.]
Ashley "ikee" Towns just wants to tell Joshua Davison how he's feeling:
I was quite amazed by the number of people who didn't RTFM and change their default passwords. ... The code itself is set to firstly scan the 3G IP range the phone is on, then Optus/Vodafone/Telstra's IP Ranges ... then a random 20 IP ranges.
I admit I probably pissed of a few people, but it was all in good fun. ... I highly doubt I'm in any real [legal] trouble. ... I guess i'm hoping that the jailbreak software will soon have a "enter new root password" prompt for those users that are un-aware ... or even a random password generated and displayed for the user to write down. MORE
Graham Cluley gotta make you understand:
Accessing someone else's computing device and changing their data without permission is an offence in many countries - and just as with graffiti there is a cost involved in cleaning-up affected iPhones.
The source code is littered with comments from the author suggesting the worm has been written as an experiment. One of the comments berates affected users for not following instructions when installing SSH, because if they had changed the default password the worm would not have been able to infect them.. MORE