Report: Jailbroken iPhones At Risk For Rickroll Worm Attack


If you have a jailbroken iPhone, you might be in danger of getting Rickrolled. That's the word from security experts following Monday's confirmation that the first-ever iPhone worm, dubbed "ikee," is in the wild and on the hunt for jailbroken iPhones.

Specifically, the worm was seen affecting iPhone users in Australia. At press time, no other cases of ikee and Rickrolling have been reported for iPhones outside Australia.

The Ikee worm alters the wallpaper on a user's iPhone to display an image of British pop star Rick Astley and also display the message "ikee is never going to give you up" -- a reference to one of Astley's famous songs.

The infected iPhones are jailbroken iPhones -- that is, users have removed Apple's built-in protection mechanisms -- and according to security developer F-Secure, the Ikee worm targets jailbroken phones in which users have not changed their default root login passwords.

"To protect your jailbroken iPhone, change your root password," advised F-Secure in a Monday blog post addressing the ikee worm. "The creator of the worm has released full source code of the four existing variants of this worm. This means that there will quickly be more variants, and they might have nastier payload than just changing your wallpaper or might try password cracking to gain access to devices where the default password has been changed."

Other security observers reported Monday that the ikee virus was written by a 21-year-old developer in Australia. Graham Cluley, a senior technology consultant at Cognos, said in a blog post that the ikee worm was not explicitly destructive and in fact turns off the iPhone's SSH protocol.

Quoted on Cluley's blog, Paul Ducklin, Sophos' head of technology for Asia Pacific, also urged users to change their SSH passwords immediately if they own a jailbroken iPhone.