Rick Astley iPhone worm spreads into the wild

The iPhone suffers its first ever worm attack, and Rick Astley's involved.

Rick Astley bug on iPhone

The first iPhone worm has been created, which is now spreading in the wild.

So far confined to Australia, security firm Sophos said that the Ikee' worm spreads into jailbroken phones, changing the lock screen wallpaper to an image of pop star Rick Astley with the message "Ikee is never going to give you up."

The worm will break into a jailbroken iPhone if owners haven't changed the default password, which is alpine'. Once the worm is on an iPhone it will attempt to find others on the same network and install itself again.

"This isn't a proof of concept," said Sophos senior technology consultant Graham Cluley. "It has infected real people, who went on the internet to try and find out what to do."

The creator, 21-year old Ashley Towns from New South Wales, has admitted infecting 100 iPhones.

A message inside the worm says that he did it out of "boredom" and found it ridiculous that he was able to find that 26 out of 27 accessible iPhones were vulnerable due to having the default password.

"It looks as though it will be confined to Australia," Cluley said. "But someone could take the code and make it work in other countries as well. I think the bigger danger is if somebody takes the code for more malicious purposes. So it would be possible to take this code and maybe steal information."

He added: "You wouldn't change the wallpaper for instance, so you wouldn't know if you've been infected."

Cluley said that the source code was available on the internet. The worm's creator also said on Twitter that people were already asking for the code.

"If you do jailbreak your iPhone, you must make sure you do it securely and change your route password," added Cluley.

The expert said it was important to stress that if you haven't meddled with your iPhone in a low level way, then you should be safe.

Cluley said: "Maybe in the future, Apple should consider shipping the iPhone without a default password which everyone uses. Why should all iPhones all have the same one?"

He added that in the enterprise many people brought consumer technology like the iPhone in even if it wasn't officially authorised. He warned businesses that they needed to make them secure to prevent a worm like this spreading and taking company data from the devices.

IT PRO blogger Davey Winder has blogged about the worm here.

Featured Resources

Shining light on new 'cool' cloud technologies and their drawbacks

IONOS Cloud Up! Summit, Cloud Technology Session with Russell Barley

Watch now

Build mobile and web apps faster

Three proven tips to accelerate modern app development

Free download

Reduce the carbon footprint of IT operations up to 88%

A carbon reduction opportunity

Free Download

Comparing serverless and server-based technologies

Determining the total cost of ownership

Free download

Recommended

What is single sign-on (SSO)?
single sign-on (SSO)

What is single sign-on (SSO)?

2 Dec 2021
More than 90% of IT decision makers reuse passwords
Security

More than 90% of IT decision makers reuse passwords

30 Nov 2021
Chinese hackers target ManageEngine password manager
cyber security

Chinese hackers target ManageEngine password manager

9 Nov 2021
Apple iPhone 13 review: A video powerhouse
iOS

Apple iPhone 13 review: A video powerhouse

3 Nov 2021

Most Popular

What should you really be asking about your remote access software?
Sponsored

What should you really be asking about your remote access software?

17 Nov 2021
How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

24 Nov 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

30 Nov 2021