Another iPhone worm has surfaced in the wake of the recent ‘Rick roll’ – but this one is much more serious.
Again, this worm only affects iPhones or iPod touch devices which have been ‘jailbroken’ by their users – altered to run non-Apple applications.
The infection sends information back to a ‘control and command’ centre (believed to be in Lithuania), effectively turning the infected device into part of a botnet, a network of compromised devices. This means any confidential information stored on the device can be read and used, and the device could also be used to distribute spam and malware.
The worm changes the root password from the default of "alpine" that Apple set in the factory firmware, making it more difficult for users to secure their devices. The recommended method to remove this malware from your iPhone is to restore the Apple factory firmware using iTunes.
“When an infected device is hooked up to a wi-fi connection, the worm can spread more quickly to more IP addresses than on a typical 3G connection,” says a Sophos blogger. “One symptom noted is that battery life is very, very short when the device is connected to wi-fi, because the worm is generating so much network activity.
“This further demonstrates that iPhones are not ready for the business environment. Apple has made a great effort at preventing people from cracking into their software and unlocking/jailbreaking their devices, but where there is a will, there will always be a way.”
The latest worm has been named ‘Duh’, which is the identity of the component that reports back to the control centre.