We all knew that it would get worse than Rick Astley, it was just a matter of time. We haven’t had to wait long either, as a new iPhone worm has been discovered in the Netherlands and it does exactly what nefarious software is supposed to do, cause all sort of horrible problems. As before, the worm infects jailbroken iPhones which run SSH, but only if the owner has not changed the root password.
Once up and running, with a preference for being connected to a Wi-Fi network, the sneaky worm changes the root password for you, but without having the courtesy of telling you what it is, before it gets to work by collecting bank authorisation details sent by SMS – a common practice in Europe – and spoofing an ING Direct webpage to fool you into entering sensitive information. The potential is there for all this to be sent back to the worm’s homebase, further adding to your pain.
But before we all panic and shut out iPhone’s in the refrigerator, this worm doesn’t seem to have spread outside of the Netherlands and can only be ‘caught’ by jailbroken phones with SSH still using the default password. It seems hard to believe that even after the considerable attention the first worm received that there are still users like this, but clearly there are.
However, if you’re the paranoid type or would rather be safe than sorry, avoiding this iPhone worm is simple – either don’t jailbreak or at least learn something about securing your phone before you do!