The first worm targeting Apple's iPhone has been unleashed by
an Australian hacker.
But the Ikee worm can infect only iPhones that have been
modified or
"
jailbroken" to run unauthorised software and does not do
anything malicious.
Ikee merely changes the infected iPhone's wallpaper to an image
of singer Rick Astley and then seeks out other vulnerable iPhones
to infect.
However, Ikee proves that jailbroken iPhones using the Unix SSH
utility for connecting to the iPhone remotely over internet with
the default password are vulnerable to hackers.
There is also a danger that the Ikee code could be modified to
steal personal information, according to Graham Cluley, a
technology consultant at security firm Sophos.
"Other inquisitive hackers may also be tempted to experiment
once they read about the world's first iPhone worm. Furthermore, a
more malicious hacker could take the code written by Ikee and adapt
it to have a more sinister payload," he said in a
blog post.
The creator of Ikee has been identified as 21-year-old
unemployed programmer Ashley Towns of Woologong, Australia.
Towns was
tracked down by Joshua Davison, managing director of Australian
ISP reseller JelTel, who published an
interview with the worm's creator.
Towns claims he wanted to make the point that people should
change default passwords and did not expect something that was
supposed to be a "small prank" to get as far as it did.
"Jailbroken" iPod Touch devices using SSH with the default
password are also vulnerable to infection by the Ikee worm or any
other malware exploiting the vulnerability.
Davison has posted instructions on how to get rid of the Ikee
worm and
prevent future attacks that exploit the same vulnerability.
Such attacks are likely to increase, according to Cluley, as
indicated by a Dutch hacker who used the vulnerability to hack
iPhones and
hold them hostage for €5 last week.