No OS on the market is immune to attack, whether by viruses, trojans, worms or hacks. Most of the time the vulnerabilities are inherent in the OS (think Windows 98); at other times they stem from ignorance. So it is no surprise that not one but two worms have sprung up for the iPhone in the last few weeks. The first was just a mild, funny “RickRolling” (http://www.tuaw.com/2009/11/07/jailbreak-worm-rickrolls-the-unsecured/) of the infected iPhone’s Home screen. But recently, a much more vicious worm that will do much worse has been spreading.
According to an F-Secure report, the worm connects to a server in Lithuania and, although not widespread, tries to steal information from the infected devices:
This one connects to a web-based command & control center running at 126.96.36.199 in Lithuania.
Thankfully, these worms attack only jailbroken iPhones that also have OpenSSH installed and SSH enabled. However, the default root password for SSH access is the same on all iPhones, and since most users who jailbreak their iPhone overlook this fact, it is like having a big NEON sign that says “I am OPEN!”.
So the first thing to do if you have jailbroken your iPhone is to close that open door.
- Begin by installing MobileTerminal via Cydia (alternatively, you can log in via SSH from Terminal.app or a Cygwin-equipped Windows PC).
- Type “login”; you will be asked for a login name, which should be “root”, then a password, which should be “alpine”.
- Type “passwd” then tap return; you will be asked to type the new password. Tap return and type the new password again.
- Repeat this same process for the “mobile” user by replacing “root” with “mobile” in step 2.
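To confirm that the steps above took effect for both accounts, the following added example (not part of the original post) compares the stored password hash fields from before and after running passwd. It assumes a BSD-style colon-separated password file, which on iPhone OS is /etc/master.passwd; the function names and the sample records are constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumption: hashes sit in a BSD-style colon-separated file
# (/etc/master.passwd on iPhone OS): field 1 = account, field 2 = hash.

# Print the stored hash field for one account; return 1 if it is absent.
hash_field() {  # usage: hash_field ACCOUNT FILE
    while IFS=: read -r user hash _rest || [ -n "$user" ]; do
        case "$user" in \#*|'') continue ;; esac   # skip comments and blanks
        if [ "$user" = "$1" ]; then printf '%s\n' "$hash"; return 0; fi
    done < "$2"
    return 1
}

# Print every listed account whose hash is identical in both files,
# i.e. whose password was NOT changed between the two snapshots.
unchanged_accounts() {  # usage: unchanged_accounts BEFORE AFTER ACCOUNT...
    before=$1; after=$2; shift 2
    for acct in "$@"; do
        old=$(hash_field "$acct" "$before") || continue
        new=$(hash_field "$acct" "$after") || continue
        [ "$old" = "$new" ] && printf '%s\n' "$acct"
    done
    return 0
}

# Constructed sample: passwd was run for root but the "mobile" step was skipped.
# The hash strings below are made up, not real crypt output.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/before" <<'EOF'
# constructed snapshot taken before running passwd
root:CONSTRUCTEDaaaa:0:0::0:0:System Administrator:/var/root:/bin/sh
mobile:CONSTRUCTEDaaaa:501:501::0:0:Mobile User:/var/mobile:/bin/sh
EOF
    cat > "$dir/after" <<'EOF'
root:CONSTRUCTEDbbbb:0:0::0:0:System Administrator:/var/root:/bin/sh
mobile:CONSTRUCTEDaaaa:501:501::0:0:Mobile User:/var/mobile:/bin/sh
EOF
    unchanged_accounts "$dir/before" "$dir/after" root mobile
    rm -rf "$dir"
}

demo   # prints "mobile": that account still has its old password
```

On the device, take the first snapshot as root with a restrictive umask before running passwd, pass /etc/master.passwd as the second file afterwards, and delete the snapshot once both accounts report as changed.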
Lastly, please note that Apple doesn’t encourage iPhone users to jailbreak their phones, as that might leave them susceptible to similar vulnerabilities, and Apple won’t be responsible for any problems resulting from the jailbreaking. Likewise, we don’t post any stories promoting jailbreaking here.