Malware cleans out jailbroken iPhones

Miscreants have developed a hacking tool that attacks jailbroken iPhones. iPhone-Privacy-A follows hot on the heels of last weekend's Rickrolling worm that changed the wallpaper on vulnerable iPhones to an image of cheesy '80s pop star Rick Astley. The latest hacking threat exploits the same vulnerability in the iPhone as the …


This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    More downsides to jailbreaking!

    What became evident to me when I did a test Jailbreak on my iTouch, was that suddenly you no longer have a trusted source. Yes, you have a TON more options to play with and a whole host more apps, but the whole vetting process is lost.

    You have NO idea whether what you are installing isn't malware, or contains malware.

    Proceed at own risk I suppose, but it sure made me reconsider and I switched back.

  2. Anonymous Coward


    unsecured device with default passwords gets pwned! Who'd've thunk?

  3. Anonymous Coward
    Anonymous Coward

    SSH malware?

    Like what has been said before, it's only if you install SSH on your iPhone and do not change the root password, kinda like setting up remote desktop on your PC with no username or password.

    You don't have to install SSH if you don't want to. That being said it would be nice if the people who make the custom jailbreak firmware would give the option after install to change the root password, rather than having to SSH in and type 'passwd', but whatever.

  4. Jim Kirby

    Jailbreaking DOES NOT install SSH

    Small point of correction. Jailbreaking in and of itself does not install or enable anything SSH related. To do this requires the user to manually install OpenSSH using one of the various installers.

    So iPhoners, if you're jailbroken but have not installed OpenSSH, you're fine. If you have installed OpenSSH, change the root password to something other than "alpine" and you're fine.

    Frankly, can this even be called a worm or virus when all it does is exploit weak passwords? Plus, what's the # of jailbreakers+OpenSSH+default-password really? 100? 250?

  5. Warren G
    Jobs Halo


    Oh yes, don't let me do what I want with my expensive tech, it's not like it's mine anyway. Give me all the limitations of "out-of-the-box" on everything. Ditto installing Linux on a PC that came with Windows, or other such shenanigans.

    We should only ever do what Steve Jobs wants us to, hence his halo.

    What I really think: For once this isn't Apple's fault. If users can't cope with the idea of changing the default password on a key bit of software then they shouldn't have it.

  6. Anonymous Coward
    Black Helicopters

    Conspiracy Theory

    Call me cynical, but I bet if someone gets deep enough they'll find the hackers are funded through anonymous payoffs in brown envelopes passed between individuals in Raincoats and Trilbys in Cupertino Square.

  7. Kevin Lloyd

    Where has this been observed?

    With the Rick-Rolling incident, it hadn't been observed outside Australia at the time of writing. Has there been any discussion of where this has turned up?

  8. Anonymous Coward
    Anonymous Coward


    iPwned: why didn't I think of that? :)

    David Harley

  9. Anonymous Coward
    Anonymous Coward

    Close but no cigar.

    Other posts on this topic point out that the Rickroll virus is actually a kid in Australia who stole the code of the Dutch worm whose source was released a week prior; he's been thrashed for it and outed publicly from what I've seen. More info can be found on search for Ashley Towns; it outlines his little attention whoring stunt.

  10. Andy 115
    Thumb Down

    Part of the problem could be eradicated...

    if Apple didn't insist on selling phones operator locked - yes I know some people jailbreak for other reasons but I reckon a large majority only do it to "unlock" their phone.

    Apple seem to have missed an opportunity in UK and seem to think that it is a good idea to sell 2 variants of the iPhone on the online store - one Orange and one o2 WTF?!?

  11. nickrw

    Nice to see you Rick!

    Bet the people stuck with Mr. Astley as their wallpaper have never been so pleased to see him given that the ikee worm disabled SSH after infecting the phone.

    @AC 13:10 - "kinda like setting up remote desktop on your PC with no username or password."

    Not really - you can't log in to an account over RDP if it doesn't have a password set

  12. BeefStirFry
    Paris Hilton

    Miscreants or MicroSoft...

    When I first read this article, I completely misread Miscreants as Microsoft, and for a while was pondering over the ethics of MS hacking Apple...

  13. Alan W. Rateliff, II
    Paris Hilton


    By default this is true. However, you can set a local security policy which activates this behavior.

    Paris, non-default behavior.

  14. This post has been deleted by its author

  15. Anonymous Coward
    Black Helicopters

    What if Apple is responsible (if not for this, then maybe future)?

    I have always considered Apple actually going after the people that jailbreak the phones. I don't see them being above creating their own "malware," since they are obviously the most knowledgeable about their own holes.

    I do see jailbreaking as a potential benefit to them as well, without it no unlocking, and therefore fewer phones sold.

    Double-edged sword.

  16. Steve Foster

    @Matt 89

    Whether an application that you install on your iDevice is malware or not is completely unrelated to whether you've jailbroken it - witness the Storm8 fuss.

    Calling the AppStore a "trusted source" has to be one of the best jokes of the day.

  17. Anonymous Coward

    @Andy 115 and Oliver Jones

    Andy, I think you'll find that the operators are insisting on operator locked devices. AFAIK, ALL devices in this country sold by any of the mobile phone operators are locked (Yes, that included those made by Nokia, Sony Ericsson et al.) hence the Apple store offering the two different models.

    Oliver. What a twat. Did you read the article, or for that matter any of the other comments (even the negative ones!)? It's quite clear that this malware targets only jail-broken phones, not all iPhones - the clue is in the title; Malware cleans out JAILBROKEN iPhones. I'd also argue that the iPhone/iPod Touch platform is hardly 'Obscure', maybe it is in your world. Still, why let facts get in the way and miss out on the opportunity to be a troll and bash Apple.

  18. Anonymous Coward
    Anonymous Coward

    I wouldn't be surprised ...

    If all of this was actually Apple's work.

  19. Tom Kelsall

    Dumbass users

    Total FAIL. Anyone with the savvy to install and use OpenSSH should know about the security concerns. Most of the stuff you can do using SSH commands can be done with apps anyway; so why would you bother? I just don't get anyone who leaves security stuff set to defaults.

  20. Anonymous Coward
    Anonymous Coward


    @Oliver Jones - What are you babbling on about, you silly fool?

    Did you read the article?

    And you have the audacity to use the word 'mactards' - oh dear, now go stand in the corner...

    @Warren G - you pays ya money, you takes ya chance - nobody is twisting your arm forcing you to buy or use the gadget. Bottom line, Apple wants the user experience of the device to not be sullied by tons of cruft. The *only* reason Joe Public would want to jailbreak a phone is so it works on a different network. Amazingly enough, it's not the only phone that has this restriction.

    As for other reasons to jailbreak - to install apps from Cydia et al - that really is a small niche area, as the vast majority of punters are more than happy with the app store.

  21. Mr Templedene

    @Tom Kelsall

    Apple users who believe the hype that they are immune from viruses!

  22. Jared Earle

    Apple dun it?

    Why do people think Apple would be in any way involved with this? While they'd rather you didn't jailbreak your phone, they don't lose any money by your doing so. It's simply not in their interest to cause this kind of press shitstorm, especially when everybody knows that it'd be reported in a way that's negative for Apple.

    When seeking the culprits, look at risk/reward. Apple gain very little and would risk a lawsuit that could possibly end them if they did this. Simply not going to happen.

    Oh, and it's not a secret iPhone vulnerability that only Apple's developers would know, it's a default password. No skill at all is needed to 'crack' a login and password prompt when you have both the login and the password.

  23. windywoo

    Change the first paragraph of the article.

    It's misleading to say that this worm can connect to any jailbroken phone. It will only "clear out" jailbroken phones with SSH installed and using the default password. Was this an oversight due to ignorance or a bias to a certain company?

  24. Anonymous Coward
    Anonymous Coward

    not quite a virus but...

    I think it was on El Reg a few years ago that the whole 'smart phone' thing was being discussed and one potential drawback was that if phones run windows or similar then we could have the same virus related problems on our phones as we do on PCs.

    So it wasn't windows, but still..

    The reason my phone does not have a virus is because when I want SSH on the go, I use a laptop or a netbook. My phone is a phone.... that is all, and it does the job really well!!!

  25. Adam Salisbury

    RE: Conspiracy Theory

    Apple must be rubbing their hands with glee whether it was their doing or not! It does seem strange, if you believe the Mactards that is, that an Apple platform has been compromised twice in a week.

    That said, all it exploits is weak SSH passwords so I guess you could at least point the rickrolling at almost anyone with SSH and a duff password. As I've not paid that much attention to the iPhone I've got no idea what OS it runs but I was assuming it'd be nice and proprietary just the way Mr Jobs likes it and if that is the case it could lend some credence and genuine concern to this latest exploit.

  26. Andy 115

    @ Simon Banyard

    It is incorrect to say all phones are operator locked - they (perhaps) used to be, but my last 2 contract phones from o2 came unlocked as did the 2 PAYG ones before them (that is factory unlocked - I didn't have to request them "unlocked" after the fact)

    Apple isn't an operator it is the hardware supplier (like Nokia et al - go to Nokia's website and try to buy a handset "locked" to one network!), it no longer has an "exclusive" deal to honor with o2 so (Apple) could easily sell PAYG handsets themselves unlocked (and o2, Orange et al can be free to ask Apple to lock the handsets they sell) - Apple controls the lock status after all via iTunes activation

    I had my cash ready to buy yesterday and was disappointed to see Apple had chosen only to deal with locked handsets for UK customers, so my options are now to wait until I'm next abroad and buy from one of the many markets that sell unlocked (both direct from Apple and in local shops) or hope that the situation changes when Voda join in next year - are Apple really going to be so dumb to stock 3 (or more if TMobile and 3 are allowed to supply) lines of PAYG iPhones?

  27. Carter Cole
    Black Helicopters

    conspiracy by apple or at&t?

    if it's just jailbroken phones perhaps it's apple doing it or at&t they don't want you to have that functionality and everyone is jailbreaking the way to stop it is to spread fear of a worm that will f your phone

  28. This post has been deleted by its author

  29. pitagora

    the wrong way to write an article

    The article, as well as the title insinuates that any jail broken phone is in danger, which is nothing more than a lie designed to smear Apple's reputation and scare iphone owners. In reality there are very few phones with SSH installed. I would say the article writer had bad intentions when he wrote the thing.

  30. Anonymous Coward
    Anonymous Coward

    Oliver Jones

    You're still a twat!

  31. Phil Endecott Silver badge

    Don't exaggerate

    The first para still says (@17:26)

    > allowing hackers to connect to any jailbroken iPhone.

    This is clearly untrue; it allows hackers to connect only if (a) ssh is installed and (b) the password has not been set.

  32. Dana W

    Some people's kids.......

    People ask me "Why not Jailbreak your iPhone?" Look at all those super cool homebrew apps!

    Well, this is why.

    All this is is proving yet again that stupid people and tech gear still don't mix. I miss the days when stupid people's only technological problem was any device in their house with a digital clock on it just flashed 12:00 over and over.

    Breaking your iPhone and wondering why it won't work is the same as taking the bolt out of the lock in your front door and wondering why your house got robbed. No sympathy for the stupid. The people doing the breaking are the people with just enough know how to be dangerous. Some joker in his basement who thinks he knows more than Cupertino, but whose whole life is over if he can't emulate Nintendo on his iPhone.

    We have two iPhones, they work just fine. Why? We run well reviewed, screened apps in a closed device. This is like the Windoze users who download cracked games and don't know why they get viruses. NO tech is safe when stupid people go monkeying with the internals. If you want to play "Teh Haxorz" with your phone go buy an Android.

  33. Anonymous Coward

    O.J. @ 16:44

    No, O.J. I'm afraid that you did, in fact, get it quite wrong. There's no security / obscurity issue at work here. Apple doesn't claim security by obscurity; they claim security by suggesting that iPhone hacktards not do stupid things that endanger the integrity of the iPhone. As sold by Apple and used as recommended, these malwares will not affect an iPhone. You'd be equally justified suggesting that Ferrari build insecure cars because they don't float.


    For the record, I don't have an iPhone: I'm stuck with a Win6.1 brick that's distinctly bad at three things:

    1. Not crashing.

    2. Sending emails.

    3. Making phone calls.

  34. Bruce Ordway

    a treasure trove of user data?

    Anybody know of any statistics regarding what is getting stored these days and by who?

    It would be interesting to know what kinds of data people have on their "open" iPhones.

    I assumed the owners were tech savvy and conservative when it comes to storing personal info.

  35. Anonymous Coward
    Anonymous Coward

    This site needs... icon of a handbag amongst the choices for postings.

    It can be used by audiences of flame wars.

    Like the one above.

  36. Mortal


    you sir are a tool.

    Mac/PC user it is all the same.. USER! Apparently you do not/have not worked in the support arena. Security through obscurity, lol. puh-leez, go back to your winblows fanboi site. The only ones truly interested in jailbreaking are the few furry teeth and windoze wannabe hackers/script kiddies, and the odd knowledgeable mac user. The average person has no clue as to what "jailbreaking" is and just want to use the damn thing ("breaking" scares a lot of people) to play BS time wasting games. With regards to intelligence, yeah windows users cornered that market...

    Those that are jailbreaking their phones generally have some idea of what they are doing, and if not, and they get iPwnd, well they got what they deserve. Personally I do not own one as I do not have a "need" for one. my samsung phone works just fine as do my macs and pc's.

  37. Ivan Headache

    @ Oliver Jones

    Who said these iPhone users were mac users?

    They are just as likely to be 'tech-savvy' wintards.

  38. Adam Starkey

    @Oliver Jones

    What are you prattling on about?

    Nothing about idiots enabling SSH services that they don't need, then ignoring the warnings to change their password is "security through obscurity". It's pilot error, pure and simple. You can't even blame modern jail-breaking apps, 'cos as far as I've seen, they all go to some lengths to stop people from hanging themselves.

    I think either *you* don't know what that term means, or you still haven't managed to comprehend what's actually going on here. Either way, you're coming over like a clueless gobshite.

  39. Stuart 17

    Who said???

    nickrw : Who said Remote Desktop had to be RDP? VNC, GTA, LogMeIn, NetSupport to name but a few, all technically Remote Desktop applications just not called Remote Desktop Connection by name.

  40. Christopher Martin


    "... allowing hackers to connect to any jailbroken iPhone."

    Does "any" mean "having ssh with a default password", or is this just an error that won't be corrected?

  41. Anonymous Coward

    jailbroken iphone killer

    I wonder who paid the hackers

  42. Sean Timarco Baggaley


    "Oh yes, don't let me do what I want with my expensive tech, it's not like it's mine anyway."

    You can do whatever you damned well please with your iPhone. Apple are merely making it clear that if you don't use it the way it was *DESIGNED* to be used, you don't get to demand Apple kiss it better and make it work properly again when you bugger it up.

    Believe it or not, EVERY manufacturer imposes similar limitations on their warranties. That's why it's *called* a "limited warranty". If I crash my brand new Nissan Micra into a tree within hours of buying it, Nissan aren't going to fix it for free.

    It's called "arse-covering". A concept invented specifically to counter the vast quantities of stupid which appears to be this universe's most abundant resource.

  43. This post has been deleted by its author
