A new virus is attacking iPhones and giving control of the devices to a botnet in Lithuania.
If infected, the phones will download and perform any commands the cybercriminals want it to in the future, according to IT security firm Sophos.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
The new worm, called "Duh" or "Ikee.B", spread over the weekend. It hunts for vulnerable phones on a wide range of IP addresses.
It follows the first ever iPhone virus Ikee, which appeared two weeks ago but was only reported in Australia. The current worm includes IP ranges in several countries, including the Netherlands, Portugal, Australia, Austria and Hungary.
Sophos found that the virus also changes an iPhone's password. Researcher Paul Ducklin said the password the hackers choose is "ohshit". The company advised anyone with a hacked phone to change the root password.
Ducklin, head of technology in Sophos Asia Pacific, said, "Apple's default root password "alpine" on the iPhone breaks two fundamental rules - it is both a dictionary word and is well-known. The new worm will break in and immediately change it. This change is made by directly editing the encrypted value of the password in the master password file, so that the new password is never revealed.
"This represents an additional risk as it means that cybercriminals now know what your password is, allowing them to log back into your iPhone later, but you don't, so you cannot login and eliminate the virus."
Graham Cluley, senior technology consultant at Sophos, said, "This latest iPhone malware is doubly criminal. Not only does it break into your iPhone without permission, but it also cedes control of your phone to a botnet command server in Lithuania.
"That means your iPhone is turned into a zombie, ready to download and to perform any commands the cybercriminals might want in the future. If infected, you have to consider all of the data that passes through your iPhone compromised."