• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Aussie Worm Rickrolls Jailbroken iPhones


    A programmer in Australia has created a worm that changes the lockscreen of infected phones to a picture of 80s singer Rick Astley. Like the recent Dutch "hack" that replaced users' wallpaper with a demand for money, this worm accesses jailbroken iPhones that are running OpenSSH and are still using the default root password.

    The worm was written by someone who goes by the name of ikee. It works by scanning the IP range of the 3G network the phone is on, then the address ranges of carriers Optus, Vodafone and Telstra, until it finds a running SSH service. The worm then replaces the lockscreen with an image of Rick Astley along with the words "ikee is never going to give you up," deletes the SSH daemon, and begins scanning for another vulnerable phone. ikee noted that his own phone had infected more than a hundred other phones, and there have been suggestions, as yet unconfirmed, that the worm may have spread beyond Australia.

    A blogger posted the transcript of an IRC chat with ikee, in which he explained that he wrote the worm because he "was curious to how far something like this would actually spread." He says that it "was all in good fun (well ok for me anyway)." The blogger also posted the source code of the virus.

    There's no real justification for hacking somebody's phone. It's to be hoped, though, that the increasing frequency of default-password "hacks" highlights the importance of changing your root password and not running ssh when it's not needed.

    image via JD's Thoughts on Everything
    This article was originally published in forum thread: Aussie Worm Rickrolls Jailbroken iPhones started by Paul Daniel Ash View original post
    Comments 87 Comments
    1. vantheman169's Avatar
      vantheman169 -
      Quote Originally Posted by avnyc11 View Post
      changing your password f's up your phone, do not do it. if beyond fw 1.1.3
      what did it do to your phone?
    1. cuty_kamu's Avatar
      cuty_kamu -
      Quote Originally Posted by mnhollie View Post
      You can only SSH if you've jailbroken your ipod/iphone. No need to worry
      thanks dude but i guess i have some apps from app store such as air mouse pro, idisk, quicksheet... and they all can connect from iphone to mac via wifi and i can access my iphone from my mac... i guess that is SSH.. is it safe?
    1. mkurasz's Avatar
      mkurasz -
      Ughhhhh man I don't even know where to start. It's real funny but I also feel real bad. No you do not have ssh if u did not specifically install it on a jb iPhone/iPod.. Just because u use a program that connects via tcp/ip does not make it ssh. Ssh is a secure shell and it's a protocol that's not installed by default. So stop worrying if it's not jb and go read wikipedia and find out what ssh is... Don't wanna be mean to a obvious n00b but u should read more before asking such dumb questions.. Anyway no harm done now go learn! Lol
    1. cuty_kamu's Avatar
      cuty_kamu -
      Quote Originally Posted by mkurasz View Post
      Ughhhhh man I don't even know where to start. It's real funny but I also feel real bad. No you do not have ssh if u did not specifically install it on a jb iPhone/iPod.. Just because u use a program that connects via tcp/ip does not make it ssh. Ssh is a secure shell and it's a protocol that's not installed by default. So stop worrying if it's not jb and go read wikipedia and find out what ssh is... Don't wanna be mean to a obvious n00b but u should read more before asking such dumb questions.. Anyway no harm done now go learn! Lol
      i read all about ssh but reconfirming is not going to harm me in anyway... thanks for the advice though... and finally, thanks for your reply.. i appreciate it.
    1. ecd5000's Avatar
      ecd5000 -
      you wouldnt get this from any other guy! use sbsettings keep ssh off and this stuff would not happen. you deserve to be rickrolled!
    1. smuggler's Avatar
      smuggler -
      Quote Originally Posted by Titan3636 View Post
      how do you change the root password????
      if you haven't figured this out yet, you don't need to be messing around with a jailbroken iphone, the directions are clearly on the cydia page. just read a little bit, you'd be amazed at how far it gets you.

      Quote Originally Posted by cuty_kamu View Post
      if i'm not jailbreaked how would i know my SSH is turned on?
      and if it is turn on how would i turn it off without jailbreaking my device?
      if you aren't jailbroken, then you haven't installed open ssh, and therefore are not vulnerable to this exploit. haha

      Quote Originally Posted by avnyc11 View Post
      changing your password f's up your phone, do not do it. if beyond fw 1.1.3
      it doesn't f up your phone. what makes you think otherwise?
    1. DayumQuitPlayin's Avatar
      DayumQuitPlayin -
      It's because of assholes like him that gives Apple more reason to battle jailbreaking. Apple can use those two cases as evidence and proof that jailbreaking isn't safe. Now Apple has some evidence to support their claim. Something so minor can actually turn major once people's interest in it start to grow.. and who knows... there may be virus created to harm our phones. It's people like that that ruins it for everyone else. /Rant
    1. smuggler's Avatar
      smuggler -
      Quote Originally Posted by billchase2 View Post
      Do that many people keep SSH on at all times? I keep mine off and only turn it on if I need to make changes. SSH seems to suck the battery dry if left on all the time.
      dude ssh doesn't use any of your batt power, hate to break it to ya.
    1. salayyad's Avatar
      salayyad -
      Changing the password doesnt ruin the phone i have done it and im fine. im on 3.1 without any issues
    1. smuggler's Avatar
      smuggler -
      Quote Originally Posted by Ticko View Post
      i have to say greatest video on youtube right now !!!
      disagree, haha
    1. Tower72's Avatar
      Tower72 -
      Quote Originally Posted by c.e.p View Post
      Yeah this happened to my brothers phone.

      Managed to convince him to finally jailbreak it, about 6 hours later i see this rick roll fella haha...
      This made me LOL for real
    1. mikerlx's Avatar
      mikerlx -
      I checked my dashboard I had 3G ON and ssh on. I usually have them off but forgot when i upgraded to 3.1.2 on a whim All off now!
    1. vvilliamm's Avatar
      vvilliamm -
      i didnt even install openssh =] on my jailbroken iphone
    1. iphonerookie's Avatar
      iphonerookie -
      so im totally confused, i have the newest version of WinSCP on my PC and my iphone is JB on 3.0 firmware w/redsn0w. Anytime i try going into the options or whatever in WinSCP before logging in to change the password, it acts as if it's changed, then when i type "root" then my new chosen password it says its denied. I then type in alpine and bam, lets me right in. Whats up with this? how do i change the password to getting in my phone over wifi SSH from inside WinSCP?
    1. russoeternal's Avatar
      russoeternal -
      I've been RickRolled lol.
    1. mbaharvard's Avatar
      mbaharvard -
      Quote Originally Posted by avnyc11 View Post
      changing your password f's up your phone, do not do it. if beyond fw 1.1.3
      Are you insane, or just acting that way?

      Changing the password does NOT mess up your phone in any way.

      Unless you forget the password you changed it to ...

      Quote Originally Posted by iphonerookie View Post
      so im totally confused, i have the newest version of WinSCP on my PC and my iphone is JB on 3.0 firmware w/redsn0w. Anytime i try going into the options or whatever in WinSCP before logging in to change the password, it acts as if it's changed, then when i type "root" then my new chosen password it says its denied. I then type in alpine and bam, lets me right in. Whats up with this? how do i change the password to getting in my phone over wifi SSH from inside WinSCP?
      Logon with "root" and "apine" then:
      Quote Originally Posted by mbaharvard View Post
      Works on 'em all. I just SSH in with WinSCP and use Putty to change both the root and mobile passwords.

      When you are connected with WinSCP, just open Putty and it will first ask you a password - type in "alpine".

      Then type "passwd" then your chosen password twice.

      Then type "passwd mobile" and then, again, your chosen password twice. then "exit" to end the Putty session.

      Done.

      And, as has been mentioned, turn off SSH unless you need it - easiest via SBSettings from Big Boss.
      And, don't forget your password - you'll need it when you relog on with WinSCP - still "root" but now, your new password.
    1. ViViD69's Avatar
      ViViD69 -
      ha ha ha i got this last night but i jst checkd sbsettings n my ssh is off... do i jst change my password 2 get rid of it? im a rookie at this sort of stuff...
    1. astalavistadear's Avatar
      astalavistadear -
      iPhone hacking the new fad
    1. stickman1000000's Avatar
      stickman1000000 -
      this happend to me today. im not worried because im jut going to restore. but is there anything else that happens besides the wallaper. oh btw the time changes to
    1. iMister's Avatar
      iMister -
      I have just installed mobile terminal from cydia, but when i go back to home screen to open it there is a problem, it opens then closes right away..... Anyone know why this might be?

      Thanks