November 9, 2009 7:25 AM PST

Jailbroken iPhone? SSH installed? Beware of worms!

by Topher Kessler

Along with Apple's growing popularity, the various platforms Apple produces (iPhone, iPod, and Mac OS) are becoming more and more of a target for hackers and malware developers. The latest discovered threat affects jailbroken iPhones which have SSH installed and active, and installs a wallpaper of Rick Astley that has the phrase "ikee is never going to give you up" in red letters.

CNET Editor Caroline McCarthy discussed this new "Rickrolling" prank in an article on the new threat, which comes on the heels of July's iPhone SMS messaging vulnerability.

This wallpaper may appear on iPhones that have been hacked

(Credit: Graham Cluley)

According to Sophos, the current worm is available in four variants, which suggests more may soon be released. So far the worm does not appear to do anything malicious to affected iPhones, and seems to be more of a proof-of-concept attack than anything else; however, it does expose a vulnerability for those who have jailbroken their systems.

The worm mainly takes advantage of an overlooked security step: people who have enabled SSH but have not changed the root password from the default "alpine" to something else. Any script that supplies this password can then log in and run as root, so for worried iPhone users here are some simple suggestions:

  1. Do not jailbreak your iPhone unless you are aware of these and other consequences.
  2. If you do install or enable SSH, change the root password.

If you have already jailbroken your iPhone and have been affected by this worm, your safest course at this point would be to use iTunes to completely wipe the device and restore. Currently the malware is only a prank, but it will take time for malware detectors such as Sophos to fully analyze the code. Hopefully you have a recent backup of your iPhone that you can restore. Meanwhile, we should expect Apple to address this problem in some form with an update, though the company has warned numerous times against jailbreaking iPhones, so fixing jailbroken ones may not be on its list of priorities.
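A defensive check for the SSH exposure described above, as an added example that is not part of the original article: it reads an `sshd_config` file and reports whether root, or any other account, can still authenticate with a password. The file path is whatever you pass in, the `yes` defaults for unset keywords are an assumption matching older OpenSSH builds, and the sample config is constructed.

```shell
#!/bin/sh
# Added example (not from the article): audit an sshd_config for password logins.

# effective_value FILE KEYWORD DEFAULT
# sshd honours the first occurrence of a keyword and ignores keyword case.
# Parsing stops at the first Match block, whose settings apply conditionally.
effective_value() {
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key); val = def }
        /^[ \t]*#/ || /^[ \t]*$/ { next }       # comments and blank lines
        { sub(/[ \t]*=[ \t]*/, " ") }           # accept "Keyword=value"
        tolower($1) == "match" { exit }
        tolower($1) == key { val = tolower($2); exit }
        END { print val }
    ' "$1"
}

# audit_sshd_config FILE -> prints one verdict line; returns 2, 1 or 0.
# The "yes" defaults are an assumption matching older OpenSSH builds.
audit_sshd_config() {
    pw=$(effective_value "$1" PasswordAuthentication yes)
    kbd=$(effective_value "$1" ChallengeResponseAuthentication yes)
    root=$(effective_value "$1" PermitRootLogin yes)
    if [ "$pw" = yes ] || [ "$kbd" = yes ]; then
        if [ "$root" = yes ]; then
            echo "FAIL: root can log in with a password"; return 2
        fi
        echo "WARN: password logins still enabled for non-root accounts"; return 1
    fi
    echo "OK: key-only logins (PermitRootLogin=$root)"; return 0
}

# Constructed sample: a config that leaves every relevant keyword at its default.
sample=$(mktemp)
printf '%s\n' '# constructed sample' 'Port 22' '#PasswordAuthentication no' > "$sample"
audit_sshd_config "$sample" || true
rm -f "$sample"
```

A `FAIL` or `WARN` verdict means the password on every login-capable account still matters, so a default password left on any of them remains reachable over the network.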

AV for iPhone?

Since the iPhone OS is a variant of OS X, and is clearly a target for people bent on exposing or taking advantage of vulnerabilities, does this mean users will someday need to have antivirus enabled on their phones and mobile devices? I imagine solutions such as this will make their way out, but as always the best way to secure your devices is to be smart about them. Before you install SSH on your iPhone and rely on it, research and test it.



Questions? Comments? Post them below or email us!
Be sure to check us out on Twitter and the CNET Mac forums.

Topher has been an avid Mac user for the past 15 years, and has been a contributing author to MacFixIt since Spring 2008. One of his passions is troubleshooting Mac problems and making the best use of Macs and Apple hardware at home and in the workplace.
by lkrupp November 9, 2009 10:29 AM PST
Kinda hard to work up any sympathy for jailbreakers and their various hacks. They wanted "choice"? Well, they got it I guess. Problem is, of course, they'll blame Apple for their troubles.
by Rasfahan November 9, 2009 1:37 PM PST
Well, for me jailbreaking has so far saved thousands of input steps so far by being able to turn on/off bluetooth from the home screen instead of having to go down to level 3 in the menus (yeah, call it "settings app" - but it's all it is: a settings menu). All other phones that have bluetooth have this functionality easily reachable. Most even by a (*gasp*) configurable button that is easily reached even while driving...

So far, no troubles - but then, I'm not so stupid to install ssh, activate it, allow it to log in as root *and* not change the root password...
by kucharsk November 9, 2009 10:53 AM PST
This is sad - now cnet is going to be discussing security issues in third-party hacks to devices that Apple specifically states are against its license to install and in no way affect the devices when used in a supported manner?

Perhaps they need to start Hax0rzF!x!t or something...
by tkessler November 9, 2009 11:05 AM PST
It's not sad at all. We're not promoting jailbreaking, but rather are discussing the pitfalls of doing so as a warning to those who may be interested in doing this. I suggested in this article that addressing this issue may not be on Apple's priority list.
by fmlogue November 9, 2009 12:06 PM PST
Why would you even suggest that Apple fix a security problem with jail-broken iPhones? Isn't "don't do this because it is illegal and we are not responsible for what may happen to your iPhone if you *choose* to disregard us" enough? Man, what is wrong with your logic circuit?
by tkessler November 9, 2009 12:39 PM PST
It would be irresponsible for Apple to not acknowledge and address the problem, despite their warnings. The logic in suggesting this is the same as that for people who visit harmful websites, who then complain to Apple that Safari isn't securing them from harm. It's their fault, but regardless Apple still patches the vulnerabilities or at least implements a warning system. My only expectation is that something similar will happen in this case, but I'm not in any way demanding Apple address the issue. By "expect" I mean it more in terms of "I imagine" this will happen: I expect Apple will follow this up (I figure it's likely); however, I don't have expectations for them TO DO something about it.
by Fingal November 9, 2009 12:23 PM PST
It's best practice, on any OS, to set ssh to require public key authentication. I don't know if you can do that on a jailbroken iPhone but I wouldn't enable ssh otherwise. Requiring public key authentication should prevent this hack even if you don't change the root password. You should still change the root password for other reasons, however.
by desepticon November 9, 2009 1:02 PM PST
This is not a "hack." This is someone scanning for unsecured ssh ports. If people are stupid enough to leave default passwords on their devices it's their own fault. This has nothing to do with jailbreaking or Apple. It's ridiculously easy to change your root and mobile passwords with a simple passwd command in the Terminal. This may have been an issue in the old days, when Installer.app put a screwed up passwd command in. But, with Cydia, that's been fixed for a while now and every ssh guide I have seen for the iPhone has advocated changing root passwords.

Also, why all the backlash against jailbreakers?
by kucharsk November 9, 2009 1:50 PM PST
Why should it be on Apple's priority list at ALL when there's no way to access it on a device that has not been jailbroken given, as shipped, the application in question WILL NOT ACCEPT CONNECTIONS?

It makes absolutely no sense whatsoever for Apple to even give a moment's THOUGHT to the issue.
by leoofborg1 November 9, 2009 3:59 PM PST
As usual CNET / MacFixit is a bit slap-dash-copy-paste with their "reportage".

C'mon guys, you have to change TWO USER ACCOUNTS. The first, the primary user mobile.

And THEN root.

You must change BOTH.

And Kucharsk is right, Apple should care about jailbroken phones or the whinging of users who do not know what a chroot jail is.

Fact of the matter is, the jailbreakers provide enough documentation floating out in the ether, and if lusers can't be bothered to RTFM they deserve whatever they get.
by kool_skatkat November 23, 2009 7:35 AM PST
You'd think that the jail breaking tool creators would at least make it safe for their users and automate the process. Unless their focus is not more security but less security if it provides more freedom.

If you lose money after jailbreaking your phone, do you get to sue the author of the tools?