First ever iPhone worm Ikee unleashed by Aussie hacker

The first worm targeting Apple's iPhone has been unleashed by an Australian hacker.

The first worm targeting Apple's iPhone has been unleashed by an Australian hacker.

But the Ikee worm can infect only iPhones that have been modified or "jailbroken" to run unauthorised software and does not do anything malicious.

Ikee merely changes the infected iPhone's wallpaper to an image of singer Rick Astley and then seeks out other vulnerable iPhones to infect.

However, Ikee proves that jailbroken iPhones using the Unix SSH utility for connecting to the iPhone remotely over internet with the default password are vulnerable to hackers.

There is also a danger that the Ikee code could be modified to steal personal information, according to Graham Cluley, a technology consultant at security firm Sophos.

"Other inquisitive hackers may also be tempted to experiment once they read about the world's first iPhone worm. Furthermore, a more malicious hacker could take the code written by Ikee and adapt it to have a more sinister payload," he said in a blog post.

The creator of Ikee has been identified as 21-year-old unemployed programmer Ashley Towns of Woologong, Australia.

Towns was tracked down by Joshua Davison, managing director of Australian ISP reseller JelTel, who published an interview with the worm's creator.

Towns claims he wanted to make the point that people should change default passwords and did not expect something that was supposed to be a "small prank" to get as far as it did.

"Jailbroken" iPod Touch devices using SSH with the default password are also vulnerable to infection by the Ikee worm or any other malware exploiting the vulnerability.

Davison has posted instructions on how to get rid of the Ikee worm and prevent future attacks that exploit the same vulnerability.

Such attacks are likely to increase, according to Cluley, as indicated by a Dutch hacker who used the vulnerability to hack iPhones and hold them hostage for €5 last week.



Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT risk management



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: