We sort of knew this would happen as soon as we heard about that
iPhone wallpaper hack in the Netherlands -- a hacker named ikex has created what's apparently the first iPhone worm, and it's currently infecting jailbroken iPhones across Australia. The "ikee" worm, as it's being called, takes advantage of the fact that jailbroken iPhones with SSH installed all have the same default root password of "alpine," and once in the system it changes your wallpaper to an image of Rick Astley and then tries to install itself on other jailbroken iPhones on the network. Sophos says it hasn't confirmed any infections outside of Oz, and to be clear, this worm can't get to stock iPhones or jailbreak owners who haven't installed SSH -- but if you're running a hacked phone we'd say you should
change that root password just to be safe right away. Get to it, kids.
[Thanks to everyone who sent this in]
posted Nov 8th 2009 10:48PM
sensationalist headline
Why? It is the first iPhone worm, it only affects jailbroken phones and it rickrolls your handset. Headline seems spot-on to me.
simbr-
you mean it only affects jailbroken iphones with ssh installed with the default password in australia
Heyyyyyyyyy, that video's not about gardening!
Anybody seen this awesome video revealing the apple slate? http://www.youtube.com/watch?v=oHg5SJYRHA0
I'm sooooo not going to fall for it....
But just to be shure....
...
...
...
DAAAAAAAAAAMNNNNNN!!!!!
Yo Taylor, I'm really happy for you, I'm gonna let you finish, but Rick Astley had one of the best videos of all time...one of the best of ALL TIME!!!
Yeah, that film is about gardening. It tells you that you should never give up on your plants because you get attached to them after a while. It's also in their best interests to dance like an idiot while wearing Wayfarers.
Australia has iphones?
Yeah Australia has iPhones, ours actually run at full 7.2mbit and even have crazy stuff like tethering, you can even have more than one in a cell without dropping out n stuff. It's way cool eh.
You can buy em on any carrier and direct from Apple with no contract. You can get em $0, prepaid, on plans. It's mad!! Oh and we don't get charged to receive calls and texts, like ever.
Why, where u, maybe u got iPhones with no network perhaps?
Oh yeah Australia has iPhones. We got ones that can go at full 7.2mbit, even in small towns and you can have multiple devices in a cell with no dropped calls. Ours also have other crazy stuff like tethering and you can even upload video's n stuff like it was DSL but in the bush. Heck it's like walking round with permanent wifi some days, even on most highways.
You can get em from any carrier, even unlocked with no contract direct from Apple. You can get em for $0, on prepaid, on a plan. It's outlandish! And the thing you dig the most, we don't get charged to receive calls and texts, even if it's a video mms!
Why where you live? You got iPhones and no network maybe?
No internet? Not a problem...they'll still find you:
http://x4f.xanga.com/750f561044530257158134/b204613574.jpg
but I will tell you what is the same in Australia. The f'ing awful engadget comment system
He has been so trying so hard to look like Elvis; wannabes are so not cool. Check out his interview with Robert Smigel!
@Cy Starkman,
I tip my hat to you sir. Better call the fire brigade... someone got burned hehe
Just what every jailbroken iPhone user deserves... a date with Rick Astley. Jailbreakers are the equivalent of children whose parents tell them not to run around with scissors in their hands. But I'm almost an adult and nobody tells me what to do, especially Apple. That's so damn funny. Hearing about jailbroken iPhone users getting Rickrolled is rather amusing. I hope it continues to go on for a while. Rick's revenge.
CAN YOU HEAR ME SINGING NOW? Oh wait, that's Verizon...
I think this is the first time I actually want my phone to be infected with a worm.
Bring it on, Rick Astley!
Well, honestly the song does tell exactly how an iPhone owner feels about their phone...
NEVER GONNA GIVE YOU UP NEVER GONNA LET YOU DOWN !!!!...
Yea but that means everyone points and laughs at the people with iPhones. Oh wait, I guess it does describe it pretty well.
honestly when i saw this, i thought the hack involved your iphone getting random calls w/ rick astley singing. that'd be the best prank hack ever. YOU HACKERS HEAR ME??
sounds like a special request
Sure Dave, what's your number?
How about posting how to change the root default password?
Because it's painfully obvious if you've ever used *nix.
Assuming you have MobileTerminal installed on the phone:
1. Run 'su' enter password 'alpine'
2. Run 'passwd' follow the prompts, change to something secure.
Optionally, turn SSHd off when you aren't using it by installing SSH Toggle (IIRC) from Cydia.
You can also toggle ssh on and off in SBSettings.....under more/Set toggles.
Yes, so "painfully obvious."
This is why "*nix" has no public presence. Because of the arrogance of those with knowledge.
Fortunately, the arrogance on this commenter was light enough to allow him to post the solution. The darkness is still weak with this one, but they all succumb to it eventually.
Last time I checked, if you change the root password it screws up a lot of stuff. The pass is hard coded into several apps that make the phone/ipod work.
@barry99705
And that's why these "one button" jailbreak tools are bad. Cause any idiot can hit a button, but to really do things right requires some experience with cli (that short for command line for all you not*nix heads ;) ).
@Brian
I hear you about some hardcore users but actually Linux has a pretty good support network. But it's hard when people come around asking how to fix something you know they shouldn't have had any business messing with. You know what I mean? After the umpteenth time, it wears on your nerves... so cut nerdtalker some slack...
@Brian,
We share the same name but not sentiment. Conversely, one could say that *nix remains difficult for underlings to understand or use because they're both averse to searching google for answers, or because they think they're always intitled to help.
That said, I wasn't trying to be arrogant, merely helpful and perhaps defend why the engadget editors didn't make or link to a step by step guide. It's because - well, passwd is pretty fundamental. That said we were all noobs once, right?
Also regarding stuff not working I'm pretty sure that's an old problem. I've changed mine and nothing bad has happened yet.
@nerdtalker: While I grant that we might assume anyone installing SSH on their jailbroken iPhone knows or has been told about at least one shell command (else why would they install it?), I don't think any shell command can ever be called "painfully obvious." There's the major hurdle that you have to know a command exists before you can call it.
thats one sexy devil in the background there
Does it change the ringtone to "Never gonna give you up"? It would be funny too if the worm make fake call at random time and then play the song when people answer it.
refer back to my post >.
haha... hahahahaha XD!!!
Well now that someone can claim to be the first, hopefully thatll dissuade anyone else from wasting time on creating another.
Never gonna give you up, never gonna let you live not changing your root password down....
You've got to admit this is pretty funny.
It was pretty funny. I would have gone with this image though....
http://modmyi.com/iphone_wallpapers/images/140329/1_bart_bgA04.jpg
What a lame generic iPicture.
hey! theres a worm in my apple!
One bad Apple spoils the whole bunch. . . . .
points for being the first in with that comment :P
I'm surprised it wasn't the first one posted :P
I wouldn't b surprised if verizon behind this.
Yeah, because Verizon has a major presence in Australia...
i wouldn't be surprised if apple was behind this
I wouldn't be surprised if Rick Astley was behind this.
I would be extremely surprised if a hacker was behind this.
I wouldn't be surprised if you were involved in this. Yes, you. No, not someone else reading this. You.
(now when the hacker reads through the comments he'll think I'm on to him c:)
I have 4 iPhones if this happens.
I will be pissed.
If those 4 iPhones are jailbroken with SSH enabled and the default password (especially after reading this post), then you deserved to be hacked.
But if this doesn't happen, how many iPhones do you have?
You may have 4 iPhones but that does not matter. For you see, I have 3 PS3's.
Congratz for getting raped in the A$$ for $400 a month by at&t.
First problem is that you have 4 iPhones....
Thats cool, but I have 5 iphones and a 42 inch LCD plasma and a PS3 networked to my falcon northwest. If this happens I will buy another iphone.
Totes woke up to this today.
i learnt my lesson.
psh, shouldve done it to bananaphone
ring ring ring ring ring ring ring bananaphoneee
that's too bad for all you jailbreaking douches :)
Yeah, well, that's because everyone who was a good little apple minion and didn't jailbreak their iPhone can't be accesed through the internet by hackers.
The same way that people without cars can't be carjacked.
Never gonna give you up,
never gonna drop your call
OT ftw
heyy apple i think you should provide iphone user a anti-virus also dont be monopoly like microsoft or pay for it like microsoft is paying for his image now..
the most action rick astley has seen in years!
You can always install sbsettings and turn ssh off when ur not using it.. i dont remember if the ssh toggle comes installed with sbsettings but u can always install it after.
What should be the fate for all those who jailbreak and pirate apps then?
lol
Can anyone plz do thing to Android too?
We need rick rolls.
Terminal:
mobile$ passwd
A much more satisfying experience and a lot more freedom with the device that they own.
Oh and by the way if anyone wants to change their password the instructions are on the front page of cydia under user guides tap on openssh access how to. than scroll to the bottom and tap on how to change default password.
I'm really trying hard to not pull Winmo fans into this as I don't feel it's as poor a device as the iPhone, But I have trouble taking WinMo Seriously yet. I want to like WinMo as I've seen some cool stuff, but I would need to see Microsoft treat their mobile platform as seriously as it does their main OS. Feels like a side project. Anything that requires a stylus still on a touch device makes me raise an eyebrow.
But you too sound a little sore over your poor purchase.
I had an iphone, tried hard to like it, kept getting the shaft from Apple from different directions, left them realizing it was not going to get better. Still hasn't. Now realize there are other companies that actually would like to satisfy their customers not just make $$ off a gimmick!
Hey Sal. Sorry man, that was not supposed to go to you. I hit reply in the wrong post.
Sorry Bud...
@Thor As has been said by other, you have no idea wtf you are talking about and should just move on.
Wow. The iphone weaknesses keep coming out of the woodwork. I'd just avoid the thing all together. Too much suckage.
Congrats on being the first smartphone with a virus.
Congrats and having no clue what your talking about...
Thor r u stupid or just a troll. First off a worm is different from a virus, 2nd u must have a jailbroken iPod/iPhone have ssh installed and turned on, and have the default password still on. How does that make it an iPhone weakness, anything with ssh installed with a default password would have the same vulnerablity. Obviously u don't know shit about the subject so y don't u stfu. And trust me win-mobile has plenty of viruses I've seen them... Idiot
Sounds like some people are very angry abour their poor purchase decision. Little pathetic really that you feel the need to take that much time to be defensive. Upgrade to an android or palm pre and stop whining.
Thor, it sounds like you're stupid. Very, very stupid. Mike is right, this is not an iPhone weakness. If you weren't an idiot, you probably would have figured that out on your own. And seriously, it's like you've never heard of WinMo, which has had viruses for quite a while now. First smartphone virus? LOL. Please note that you don't have to jailbreak WinMo to get a virus on it. Thanks for playing.
@ Jack
You're just as ignorant. WinMo has never had any REAL viruses or worms...
They were proof of concepts... similar to what this guy did, except they were only released to the public as in the case of the iPhone. They were for testing purposes for Antivirus companies, and they couldn't run unless you specifically allowed them to. Since then, 5+ years ago, WM market share has fallen, so I doubt any virus writer would bother (just as they don't bother for Macs).... Windows, similar to the iPhone both have a lot of market share, so they are where virus writers focus their attention.
I'm really trying hard to not pull Winmo fans into this as I don't feel it's as poor a device as the iPhone, But I have trouble taking WinMo Seriously yet. I want to like WinMo as I've seen some cool stuff, but I would need to see Microsoft treat their mobile platform as seriously as it does their main OS. Feels like a side project. Anything that requires a stylus still on a touch device makes me raise an eyebrow.
But you too sound a little sore over your poor purchase.
I had an iphone, tried hard to like it, kept getting the shaft from Apple from different directions, left them realizing it was not going to get better. Still hasn't. Now realize there are other companies that actually would like to satisfy their customers not just make $$ off a gimmick!
how do i sound sore when all i did was provide information for those who were interested and it was relevant to the post.. i dont know where u came from with all this talk about winmo and to be clear im not sore at all. im not sore about my android device or my palm device either. Oh and one last thing this only applies to jailbroken devices. So get your facts straight troll
Chris - You're using the market share argument as to why Macs don't have viruses and you're calling ME ignorant? Exactly how dumb are you? Don't you think in the 8 years since OS X was released, we would have seen at least ONE virus for OS X if it were possible to write one? Just one? Was the $10,000 prize money in all those contests just not good enough incentive or something?
Seriously, pull your head out of your ass and wake the hell up. OS X has no ports open by default, and nobody can get into it remotely because of that. It has nothing to do with market share. As far as the iPhone, that has nothing to do with market share either. It has everything to do with being jailbroken and having SSH installed, and having the default password. It's not like he's hacking the iPhone if he just enters the default password, is he?
Thor - your vague "reasoning" for not liking the iPhone notwithstanding, everything I said previously still stands, and you have done nothing to disprove it. Nothing you've said makes even the slightest bit of sense. I'm sure Apple's customers are all dissatisfied, that's why the iPhone is selling so poorly.
Oh no wait, I mean it's the best selling smartphone in the US. I'm sure that's because it's so horrible. You don't really enjoy working with facts, do you?
@Jack, I hate to be so blunt but your an ignorant raging Moron and I'm scared no-one has told your parents yet or I'm sure they would have done something by now.
Sure iPhone is the current best selling smart phone right now through a gimmick and smart advertizing. But it simply does not work as well as a basic device as most other phones. even some "dumb" phones. That's why it took them two+ years to get stereo bluetooth while it had already been out for years and STILL DOES NOT WORK RIGHT.
Iphone users cant use their own music as ring tones without jailbreak and Rick Astley apparently. Apple forces its customers into the iron maiden that is Itunes while other manufactures allow you to use and load your phone as you like. It STILL dropps calls like crazy. These are skimming the surface of what is wrong. Specific enough?
Your language tells me your an apple fanboy which is fine. OSX is good, but the iPhone still has yet to allow it's customers the freedom and ability that Android and Palm do.
So don't come back crying with more juvenile insults after you finish your latest twinkie at 3 in the morning because you have the actual inferior device and tons of time on your hands.
All I can do is try and save the mobile world one iLemming at a time.
My God... With 100,000 + apps there has got to be just one that tells you your an idiot!!
Jesus Christ can you people take a breather?
Change the password, stop trolling, bring WinMo into some other stupid thread, buy new panties,. Rinse, repeat.
It's not a damn worm or virus it's just a joke.
How's conficker and al the other millions of HARMFUL viruses working for you Windows lusers?
Go cry in a corner, you need a life :]
He told me he would never give me up, or let me down!
i saw this earlier today, sent it to my friend i got a reply "just looked at my iphone, damnit!" hahaha
*hugs his android phone*
Does this mean that iPhones should install an anti-virus suite immediately? hahaha
...!
There's an app for that!
But apple is immune to viruses!
There are no viruses for OS X, if that's what you're referring to.
Oh, and to those of you who are saying "this is just a joke", you may be right....but that is because that was the intent of the hacker. If this had been done by somebody that actually meant harm, a whole itload of you iPhone Jailbreakers might have been totally screwed.
This is quite funny.
Jailbreak an iPhone to get it to do anything that resembles what a smartphone should do, and what do you get?
A Rickroll virus that could have been much much worse. Oh, and on a network that completely blows.
Thanks, but I think I will stay on Verizon and with just about any smartphone other than the iPhone.
In what way is the iPhone not a smartphone? I'd love to hear your incredibly narrow definition of what a smartphone is, since you seem to be convinced that the iPhone isn't one. And you can have Verizon and their psuedo-3G that is both slower than AT&T's 3G and also can't do voice and data at the same time. Because not doing voice and data at the same time is just so cool.
I think a smartphone should be more than just an app launcher, should be more customizable than just moving those app icons around on the screen, should be able to multitask with 3rd party apps without hacking it to do so, should be happily accepted into the corporate workplace as a legit business phone with exchange and security, should have a proper indicator light to let someone know when something has come up, should have a proper notification system (the iPhone simply BLOWS at this), should have interchangeable batteries and storage, should have the option for a unified inbox for emails, etc. etc. This is just what I think.
There are several "smartphones" that don't fit all of this criteria, but come a helluva lot closer than the iPhone. I think my ideal smartphone would be a traditional upper tier Blackberry Bold 9000 form factor and functionality, updated OS UI that resembles something like HTC Sense, add a capacitive glass touch screen with multitouch, and a good 5mp camera w/flash. Winner. Maybe even RIMs version of a Pre-ish design. I think they could do much better than Palm did.
The biggest achievement for Apple was not the iPhone. It was the appstore. One simply led to the other.
I don't hate the 3Gs. I just don't think as a PHONE itself......it in any way deserves all the hype it gets.
I may have a "pseudo" 3G signal from Verizon as you put it. But at least I have reliable coverage. "The natiaons fastest 3G network" doesn't mean squat if you can't get it or it fails. Verizon actually cares about everybody, unlike AT&T who only cares about densely populated areas. 3Gs is pointless on EDGE and that is a huge reason why I didn't get an iPhone. Now, after actually looking past the eye candy that is the 100,000 apps and seeing the iPhone for what it is.......I doubt I would even choose it if it were on Verizon. And I don't need voice and data at the same time. It's not a huge deal to me.
iPhone 4g may change my tune.
BC and Mitchell dis u guys even bother to read the article, I'm losing faith in humanity and I can't believe the ignorance of the posts in this site recently. These are supposed to be nerds and technogeeks and now it's all teenage fanboys spewing shit...
IT IS NOT A VIRUS RTFA!
It IS a virus you MORON. It just wasn't malicious. Read my other post. Everybody got LUCKY that the person who did this was just joking. If this had been any other human being that really wanted to do harm, it would have been game over.
Oh and btw, I'm a fanboy alright. Of just about anything other than AT&T and the iWannabeasmartphone.
Get over yourself.
And by "everybody" you mean iPhone owners who jailbroke them and are running SSH with the default password intact? You want to take a guess at how many iPhones that actually is? Here's a hint: it's not nearly as many as you think it is.
Ok, so I meant WORM, not VIRUS. My point still stands.
It could have been worse.
thats what happens when you play god... err... steve