Apple iPhones hit by major worm attack after a Rick Astley 'joke' spirals out of control

News by Dan Raywood

Users of the Apple iPhone have been warned of the first major worm to hit the handset.

Users of the Apple iPhone have been warned of the first major worm to hit the handset.

The virus, dubbed the ikee worm, breaks into iPhones and changes the users lock screen wallpaper to an image of 1980s pop star Rick Astley with the message ‘ikee is never going to give you up'.

Users who have ‘jailbroken' their handset to allow them to install third-party applications have fallen victim to the infection. The creator has been revealed as Ashley Towns, a 21 year-old Australian, who claimed the virus was a ‘harmless' practical joke.

Towns claimed that he was not intending for the virus to spread as far as it did and claimed that he hacked the iPhones to ‘have fun' and hoped affected users would also see the ‘fun' side.

He told Australia's ITNews: “I guess the immature side of me kicked in at first, and Rick-rolling is always a way for a cheap laugh. I wanted to have fun, and I did.” He also claimed that he originally intended to have a user's ringtone changed to singer Rick Astley's 1980s hit Never Gonna Give You Up but said that at the last minute, he couldn't find an audio converter that made that possible.

He also claimed that pictures of loved ones - in one case an iPhone user's child - had been sent to other iPhones infected by the virus. He also admitted that he had ‘never thought' about whether the virus would cost users in excess download fees - and in turn higher bills.

He said he was ‘aware' of the legal implications of creating the virus but was ‘not concerned' by them, but later confessed that he was worried about the levels of media coverage.

Mikko Hypponen, chief research officer at F-Secure, said: “The worm targets users who have jailbroken their phone but have not changed their default root login password. It will search for vulnerable iPhones by scanning a handful of IP ranges — most of which are in Australia. At the moment, we have no confirmed reports of Ikee outside of Australia.

“After Ikee infects a phone, it disables the SSH service, preventing reinfection. The creator of the worm has released full source code of the four existing variants of this worm. This means that there will quickly be more variants, and they might have nastier payload than just changing your wallpaper or might try password cracking to gain access to devices where the default password has been changed.”

A poll by Sophos revealed that 73 per cent (at the time of writing) of voters believe that Towns has done iPhone users a favour by using an acceptable way to raise awareness of poor security. Eleven per cent believed that he acted recklessly by releasing the worm and 16 per cent hoped that he would be investigated as he broke the law.

Graham Cluley, senior technology consultant at Sophos, said: “What's clear is that if you have jailbroken your iPhone or iPod Touch, and installed SSH, then you must always change your root user password to something different than the default, ‘alpine'. In fact, it would be a good idea if you didn't use a dictionary word at all.

“Presently it appears that the worm does nothing more malicious than spread and change the infected users lock screen wallpaper. However, that doesn't mean that attacks like this can be considered harmless.

“Accessing someone else's computing device and changing their data without permission is an offence in many countries - and just as with graffiti there is a cost involved in cleaning-up affected iPhones.

“Other inquisitive hackers may also be tempted to experiment once they read about the world's first iPhone worm. Furthermore, a more malicious hacker could take the code written by ikee and adapt it to have a more sinister payload. My prediction is that we may see more attacks like this in the future.”


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews