• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Aussie Worm Rickrolls Jailbroken iPhones


    A programmer in Australia has created a worm that changes the lockscreen of infected phones to a picture of 80s singer Rick Astley. Like the recent Dutch "hack" that replaced users' wallpaper with a demand for money, this worm accesses jailbroken iPhones that are running OpenSSH and are still using the default root password.

    The worm was written by someone who goes by the name of ikee. It works by scanning the IP range of the 3G network the phone is on, then the address ranges of carriers Optus, Vodafone and Telstra, until it finds a running SSH service. The worm then replaces the lockscreen with an image of Rick Astley along with the words "ikee is never going to give you up," deletes the SSH daemon, and begins scanning for another vulnerable phone. ikee noted that his own phone had infected more than a hundred other phones, and there have been suggestions, as yet unconfirmed, that the worm may have spread beyond Australia.

    A blogger posted the transcript of an IRC chat with ikee, in which he explained that he wrote the worm because he "was curious to how far something like this would actually spread." He says that it "was all in good fun (well ok for me anyway)." The blogger also posted the source code of the virus.

    There's no real justification for hacking somebody's phone. It's to be hoped, though, that the increasing frequency of default-password "hacks" highlights the importance of changing your root password and not running ssh when it's not needed.

    image via JD's Thoughts on Everything
    This article was originally published in forum thread: Aussie Worm Rickrolls Jailbroken iPhones started by Paul Daniel Ash View original post
    Comments 87 Comments
    1. SchmilK's Avatar
      SchmilK -
      hmm...i think AT&T in USA doesn't allow port 22 access to their phones. The only way I can SSH to my phone is using local WiFi...if I try using the AT&T ip address WinSSH just hangs and eventually says it cannot connect.
    1. CaptainChaos's Avatar
      CaptainChaos -
      ^it's because AT&T is natted. It won't happen.

      Quote Originally Posted by mkurasz View Post
      Ughhhhh man I don't even know where to start. It's real funny but I also feel real bad. No you do not have ssh if u did not specifically install it on a jb iPhone/iPod.. Just because u use a program that connects via tcp/ip does not make it ssh. Ssh is a secure shell and it's a protocol that's not installed by default. So stop worrying if it's not jb and go read wikipedia and find out what ssh is... Don't wanna be mean to a obvious n00b but u should read more before asking such dumb questions.. Anyway no harm done now go learn! Lol
      Wow. Since when are questions dumb? You need to work on your social skills. People come here specifically to ask questions and that does not necessarily make them[the questions] dumb.
    1. nighthawk283's Avatar
      nighthawk283 -
      Thats scary stuff to happen when your Jailbroken,
    1. psychodave's Avatar
      psychodave -
      That's classic! Might rick roll a friend or two's iPhones.
    1. McMike's Avatar
      McMike -
      I downloaded & installed mobile terminal the other day for the purpose of changing my PWs - but when I open it it crashes about 2 seconds later.
    1. aekhamsouk's Avatar
      aekhamsouk -
      Quote Originally Posted by SchmilK View Post
      hmm...i think AT&T in USA doesn't allow port 22 access to their phones. The only way I can SSH to my phone is using local WiFi...if I try using the AT&T ip address WinSSH just hangs and eventually says it cannot connect.
      i get the same results..
    1. CaptainChaos's Avatar
      CaptainChaos -
      They should of used a picture of Crocodile Dundee :P
    1. joshmc's Avatar
      joshmc -
      Guys

      How do I get rid of that terrible picture now? I've been simply trying to change the wallpaper but it stays... Seems hes never gonna let my phone go!
      Thanks
    1. romeo_herman's Avatar
      romeo_herman -
      Quote Originally Posted by iMister View Post
      I have just installed mobile terminal from cydia, but when i go back to home screen to open it there is a problem, it opens then closes right away..... Anyone know why this might be?

      Thanks
      possible your wifi not online yet( sometimes wifi icon appear but internet not connect yet)try it again .

      Quote Originally Posted by joshmc View Post
      Guys

      How do I get rid of that terrible picture now? I've been simply trying to change the wallpaper but it stays... Seems hes never gonna let my phone go!
      Thanks
      You must restore your iphone.....
    1. LGgeek's Avatar
      LGgeek -
      Also good idea to download SBsettings so you can turn ssh on and off.
    1. The Digital Alchemist's Avatar
      The Digital Alchemist -
      Two questions (please be kind to a N00b that knows I'm more dangerous to myself than to others): I have SBSetttings all ready, but don't want the SSH icon as one of my active toggles. If I have SSH turned off then toggle the icon off does SSH stay off... yes? Also I'd heard that we should leave SSH on (and change the password of course) just in case the phone got stuck in a loop. If I'm not doing any kind of modding day to day, should I just keep SSH off?

      Thanks!
    1. Cer0's Avatar
      Cer0 -
      So this one is just a copycat from the guy last week that did the same thing elsewhere?
    1. redhouse101's Avatar
      redhouse101 -
      Im not sure, im deciding if this is better than rick roll. I'll let you know soon.
    1. rhekt's Avatar
      rhekt -
      Quote Originally Posted by avnyc11 View Post
      changing your password f's up your phone, do not do it. if beyond fw 1.1.3
      no it doesnt

      Quote Originally Posted by cuty_kamu View Post
      thanks dude but i guess i have some apps from app store such as air mouse pro, idisk, quicksheet... And they all can connect from iphone to mac via wifi and i can access my iphone from my mac... I guess that is ssh.. Is it safe?

      wow!!!!
    1. stelliejames's Avatar
      stelliejames -
      i got this on my fone, im from brisbane, australia...

      i crapped my pants when i restarted my phone and saw that picture.
      read up on it and just changed my SSH default PW and it went away.

      even though we have JB phones you have to always be careful

      was a neat lil trick.
    1. benjiuk's Avatar
      benjiuk -
      Here is a video from D7 on how to do it if u have not seen it....good luck..I recommend subscribing to him he is always on top of the latest stuff happening !

      YouTube - Dinozambas's Channel
    1. StormRoBoT's Avatar
      StormRoBoT -
      what happend if i got this this? how do i get rid of the guy on my wallpaper?

      i have change my ssh password and it still their.. can any one help?

      ok found the solution

      How to remove the virus. Just had to do this myself and it worked. Remember to change your root password to avoid stupid moments like this.

      Remove:
      For versions a - c
      /bin/poc-bbot
      /bin/sshpass
      /var/log/youcanbeclosertogod.jpg
      /var/mobile/Library/LockBackground.jpg
      /System/Library/LaunchDaemons/com.ikey.bbot.plist
      /var/lock/bbot.lock

      For D:
      /usr/libexec/cydia/startup
      /usr/libexec/cydia/startup.so
      /usr/libexec/cydia/startup-helper
      /System/Library/LaunchDaemons/com.saurik.Cydia.Startup.plist
      You are going to have to re-install Cydia if you had version D as it overwrites cydias files.
    1. daniel13's Avatar
      daniel13 -
      It has landed in Singapore! I have changed pwd, disable ssh in ssbsetting. That ******* still show up in lockscreen. How can I remove him permanently?
    1. StormRoBoT's Avatar
      StormRoBoT -
      daniel13, use the solution i give using ifile then restart ur phone and it will be back to normal
    1. daniel13's Avatar
      daniel13 -
      Thanks. StormRoBoT.

      Are you referring to below. What do i do with iFile? What does it mean "for versions a - c, D"?

      Remove:
      For versions a - c
      /bin/poc-bbot
      /bin/sshpass
      /var/log/youcanbeclosertogod.jpg
      /var/mobile/Library/LockBackground.jpg
      /System/Library/LaunchDaemons/com.ikey.bbot.plist
      /var/lock/bbot.lock

      For D:
      /usr/libexec/cydia/startup
      /usr/libexec/cydia/startup.so
      /usr/libexec/cydia/startup-helper
      /System/Library/LaunchDaemons/com.saurik.Cydia.Startup.plist
      You are going to have to re-install Cydia if you had version D as it overwrites cydias files.