• Your favorite








    , and
  • Aussie Worm Rickrolls Jailbroken iPhones

    A programmer in Australia has created a worm that changes the lockscreen of infected phones to a picture of 80s singer Rick Astley. Like the recent Dutch "hack" that replaced users' wallpaper with a demand for money, this worm accesses jailbroken iPhones that are running OpenSSH and are still using the default root password.

    The worm was written by someone who goes by the name of ikee. It works by scanning the IP range of the 3G network the phone is on, then the address ranges of carriers Optus, Vodafone and Telstra, until it finds a running SSH service. The worm then replaces the lockscreen with an image of Rick Astley along with the words "ikee is never going to give you up," deletes the SSH daemon, and begins scanning for another vulnerable phone. ikee noted that his own phone had infected more than a hundred other phones, and there have been suggestions, as yet unconfirmed, that the worm may have spread beyond Australia.

    A blogger posted the transcript of an IRC chat with ikee, in which he explained that he wrote the worm because he "was curious to how far something like this would actually spread." He says that it "was all in good fun (well ok for me anyway)." The blogger also posted the source code of the virus.

    There's no real justification for hacking somebody's phone. It's to be hoped, though, that the increasing frequency of default-password "hacks" highlights the importance of changing your root password and not running ssh when it's not needed.

    image via JD's Thoughts on Everything
    This article was originally published in forum thread: Aussie Worm Rickrolls Jailbroken iPhones started by Paul Daniel Ash View original post
    Comments 87 Comments
    1. StormRoBoT's Avatar
      StormRoBoT -
      oh, using ifile, remove all the file, do the a - c

      dont do the D yet,

      after do the a-c then restart ur phone, if u see the wallpaper still didnt change then you have to do the "D"
    1. daniel13's Avatar
      daniel13 -
      thanks again.

      you are saying removing all the files as mentioned under the "for version a-c" section?

      restart iphone.

      If the image still there. than remove the files under the "For D" section. is it safe to remove these files.

      your last sentence say "You are going to have to re-install Cydia if you had version D as it overwrites cydias files. " what does this mean?
    1. StormRoBoT's Avatar
      StormRoBoT -
      yes, removed all the file in version a-c

      i never tried the version D

      after i did the version a-c my fon is back to normal

      and before u do this make sure u have change ur SSH password
    1. daniel13's Avatar
      daniel13 -
      thanks, StormRoBoT.
    1. StormRoBoT's Avatar
      StormRoBoT -
      how is ur iphone? is it ok?
    1. djdraco's Avatar
      djdraco -
      Ahhhh, takes me back.....
    1. gnixer's Avatar
      gnixer -

      I remove all the files
      after the ikee virus, i did DFU and restore
      but i didn't change the password but after using gprs
      i can't ssh, everytime i have to reinstall ssh then can get access to root and delete the above files again.

      anyone has any idea, why is it so ?