The Mac Observer

ikee Worm Rickrolls Jailbroken iPhones

News
8:49 AM, Nov. 9th ET, 2009
TMO Talk (7)
Articles by Author Jeff Gamet on Twitter Contact Author
Comments (7)

Owners of jailbroken iPhones in Australia are getting a bit of a surprise thanks to hackers that released a worm that "Rickrolls" them by installing a new wallpaper with Rick Astley's face. Only iPhone owners that hacked their iPhone to install unauthorized third-party apps and also failed to change their default password after installing SSH are affected, according to the security research firm Sophos.

The worm works by trying to find other jailbroken iPhones on the same cell phone network. If the jailbroken iPhones are still set with their default SSH password, the worm installs itself and changes the wallpaper to a photo of 80's singer Rick Astley and the text "ikee is never going to give you up."

ikee Image Courtesy of Sophos

The words and photo are a play on the online joke known as "Rickrolling," where someone is tricked into clicking a link that shows a video or Mr. Astley singing "Never Gonna Give You Up."

It appears that at least four variants of the worm have been written so far, and they don't do anything other than install the Rick Astley wallpaper. Since all four variants are available in the wild, however, there is the possibility that someone could add a more malicious payload to the code.

"Other inquisitive hackers may also be tempted to experiment once they read about the world's first iPhone worm. Furthermore, a more malicious hacker could take the code written by ikee and adapt it to have a more sinister payload," said Sophos's Graham Cluley.

This marks the second incident where someone took advantage of the default SSH password on jailbroken iPhones. Last week jailbroken iPhone owners in the Netherlands started seeing a message appear on their screens from a hacker wanting €5. That hack appeared to work like the new ikee hack, too.

These hacks work only on jailbroken iPhones, so unmodified iPhones won't be affected. Users that do jailbreak their iPhones should change the default SSH password to avoid the worm, too.

Since many iPhone owners don't understand the potential security risks involved with jailbreaking, however, there will likely be a large base of phones for hackers to target. "My prediction is that we may see more attacks like this in the future," Mr Cluley said.

Post A Comment or Log-in. Need an account? Register here.

7 Observer Comments

With sample code available on the Internet, it’s pretty likely that there’ll be plenty copy cat hackers that try their hand at modifying the ikee worm. If you don’t understand what jailbreaking is, aren’t familiar with SSH, and don’t feel comfortable with the Unix command line, it’s a good idea to stick with apps that are available at Apple’s App Store and leave the unauthorized apps that require jailbreaking to someone else.

A worm with a sense of humor. A sick one, but still. I chuckle a bit.

   Actions mactoid said on November 9th, 2009 at 11:15 AM (Edited: 10/25/2011 8:44 PM):

The next idiot who goes on a rant about the “injustice” of the Apple application approval process needs the image of Rick Astley tattooed on his/her forehead!

   Actions geoduck said on November 9th, 2009 at 11:44 AM (Edited: 01/26/2012 2:46 PM):

I am so ambivalent on this one

Worms are bad.
This one really does not damage the system.
Worms are bad.
People did leave themselves open to this sort of thing by jailbreaking.
Worms are bad.
It does have a sick humor about it.
Worms are bad.
This is a good warning to users without real harm.

Maybe it will finally show those people who STILL think jailbreaking is a good thing that it’s not such a great idea after all (yes I’m talking to you Mr. Landau). wink

aybe it will finally show those people who STILL think jailbreaking is a good thing that it’s not such a great idea after all (yes I’m talking to you Mr. Landau).

Bear in mind that jailbreaking alone doesn’t make you vulnerable to the worm (you have to separately enable SSH as well - and then leave the default password in place).

More to the point, to say that this negates the value of jailbreaking is like saying that, because Apple has to release Security Updates for Mac OS X, Macs are “not such a great idea after all.”

   Actions geoduck said on November 9th, 2009 at 8:07 PM (Edited: 01/26/2012 2:46 PM):

There are a lot of things I do with systems and servers that are not a good idea for the average user. I know what I’m doing. I would put Jailbreaking in the same class. If you know the risks and know what you are doing and know the precautions you need to take then it’s cool. In this case if one has Jailbreaked (Jailbroken? What would the past tense of Jailbreak be in this case I wonder) your iPhone and activated SSH you likely are a few rungs above the average user.

No offense intended. It was mostly a snarky comment for amusement sake.

to say that this negates the value of jailbreaking is like saying that, because Apple has to release Security Updates for Mac OS X, Macs are “not such a great idea after all.”

Spot-on. A default jailbreak is not susceptible to this, and when you enable SSH you are warned that you should change your password, and even given step-by-step instructions.

The equivalent on a mac would be if every single computer came with the default password “alpine”. Guess what root password every virus in the world would try first in order to compromise a system?

Post A Comment or Log-in. Need an account? Register here.
 

Recent Headlines - Updated February 10th

Fri, 12:52 PM
Apple Stock Watch - Mizuho Securities Starts Apple Coverage with $635 Target
11:35 AM
Hot Forum Topic - Forum Poll: Are You Planning on Buying a New iPad?
11:00 AM
Analysis - Competitors Size up Apple’s iBooks Author
10:23 AM
News - Apple Scores a Win in Motorola Patent Fight
9:10 AM
News - Apple Highlights Siri in Two New iPhone 4S Ads
8:42 AM
TMO Quick Tip - OS X Lion: Replacing the “Show/Hide” Button in Finder
Thu, 7:56 PM
News - Apple Store Graciously Receives Workers’ Rights Petitions
5:22 PM
News - Chinese Apple Fan Makes Awesome Mac Costume
5:12 PM
Mac Geek Gab Premium Podcast - MGG 380: Managing Your iTunes Library, iOS Time Zone, Syncing & More
3:52 PM
Apple Stock Watch - Canaccord: Apple Claims 80% of Q4 Mobile Handset Profits
2:27 PM
Deal Brothers - Mac Pro 2.66GHz 12-Core Intel Xeon: $4,249
1:07 PM
Apple Stock Watch - Apple’s Stock Makes Run on $500
 

The Mac Observer Reader Specials

  • TypeStyler 11 is now in the Mac App Store!! -- Special Introductory Price of $59.95!! -- To Buy From The Mac App Store Click Here Now!! Or buy direct from Strider Software.
  • Mac RAM Upgrades: MacBook Pro 16GB kits $475, 8GB Kits for $119.99! iMac 16GB RAM Kits (4x 4GB) for $229.99! Mac Pro Memory 32GB Kit for $399.99, 64GB Kit for $889.99! Mac Hard Drives 2TB Seagate SATA II for $249.99! Click Here!
  • Poker Mac If you're using a Mac, then you've gotta check out Online Poker Mac. This mac poker and online casino mac site actually does the unthinkable, it actually rewards!

Apple Stock Quote (AAPL)

Loading...

Hot Topics

What's the buzz? These articles have TMO readers talking.

TMO Express

Join the TMO Express Daily Newsletter to get the latest Mac headlines in your e-mail every weekday. Find out more!

Top Deals From DealBrothers.com

Recent Features

Get the latest installments of TMO Columns, Podcasts, & Blogs.

Support The Mac Observer

We noticed you may be running AdBlock on your computer. It takes real money to run this site and to deliver the news, tips, and opinions you love to read.

If you wish to block the ads that pay for the creation of our content, we ask that you instead support TMO Directly, either with a $5 monthly recurring contribution, or a one-time donation of any amount of your choice. Thanks!

Subscribe with Paypal Donate with Paypal