We had reported recently about the first ever iPhone Worm in the Australian wild. Now here is its mutated sibling that is far more malicious. A new worm is spreading in north Eastern Europe that attacks jail broken iPhone with SSH installed and with the default password – “alpine”.
First iPhone worm in Action (img src : bbc.co.uk)
The first worm was a rather meek one that changed backgrounds of iPhone handset to an image of Rick Astley. This one is more severe and connects to some unknown server in Lithuania where is accepts commands form hackers. Scary, right? How do you fix it? The same way you fix the first iPhone worm. You change the root password of SSH to any thing other than “alpine”. It has also been noted that in some cases it changes the iPhone root password to “ohshit”.
This was first reported by Dutch ISP XS4ALL and then Sophos confirmed the spread with its technical head Paul Ducklin discovering the “ohshit” part of password change. This new worm exploits the same vulnerability as the previous worm. The maker of first worm and the subsequent variant creator have left the source code online to help other hackers fast track the coding process.
