On the heels of a similar iPhone attack by a Dutch teenager, an Australian hacker (using the same technique) has written the first iPhone worm for jailbroken iPhones. The worm has been dubbed “Ikee” and uses the default SSH password of jailbroken iPhones to log in and spread. Please note that this worm does not impact iPhones that have not been jailbroken.
The first iPhone worm, known as iPhoneOS.Ikee, recently hit the news everywhere. The purpose of this worm was to show that jailbroken iPhones had a flaw that could be easily exploited. The consequences of this worm were minor since the author decided to simply Rickroll users who became victims of this attack. However, there were many warnings that the publicly released code could easily be altered so that the consequences were not so benign.
As both previous iPhone attacks are contained here, I will also post here about the current one.
In short, a new "malicious" worm appears to be targeting the same vulnerable iPhone setup as previously - a jailbroken phone with SSH and the default password of "alpine". It's being called malicious because this new worm appears to be intent on doing more harm than just changing wallpaper.
We are currently trying to get hold of a sample, so if anyone reading this has been hit with it or has access to a sample they can share with us, please post here and let us know.
It's only been a couple of short weeks since the iPhone background-changing incident that took the world by storm (well, parts of Australia at least), but already a Dutch ISP has reported what would be the first malicious iPhone worm to be seen in the wild.