Ikee.B virus gives control of iPhones to cybercriminals


Ikee.B virus gives control of iPhones to cybercriminals

Rebecca Thomson

A new virus is attacking iPhones and giving control of the devices to a botnet in Lithuania.

If infected, the phones will download and perform any commands the cybercriminals want it to in the future, according to IT security firm Sophos.

The new worm, called "Duh" or "Ikee.B", spread over the weekend. It hunts for vulnerable phones on a wide range of IP addresses.

It follows the first ever iPhone virus Ikee, which appeared two weeks ago but was only reported in Australia. The current worm includes IP ranges in several countries, including the Netherlands, Portugal, Australia, Austria and Hungary.

Sophos found that the virus also changes an iPhone's password. Researcher Paul Ducklin said the password the hackers choose is "ohshit". The company advised anyone with a hacked phone to change the root password.

Ducklin, head of technology in Sophos Asia Pacific, said, "Apple's default root password "alpine" on the iPhone breaks two fundamental rules - it is both a dictionary word and is well-known. The new worm will break in and immediately change it. This change is made by directly editing the encrypted value of the password in the master password file, so that the new password is never revealed.

"This represents an additional risk as it means that cybercriminals now know what your password is, allowing them to log back into your iPhone later, but you don't, so you cannot login and eliminate the virus."

Graham Cluley, senior technology consultant at Sophos, said, "This latest iPhone malware is doubly criminal. Not only does it break into your iPhone without permission, but it also cedes control of your phone to a botnet command server in Lithuania.

"That means your iPhone is turned into a zombie, ready to download and to perform any commands the cybercriminals might want in the future. If infected, you have to consider all of the data that passes through your iPhone compromised."

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy