|Home » Industry Watch
Rickrolling iPhones in Australia
People are stupid and this is to prove it.
- Ashley Towns
Ashley Towns has overnight become a web celebrity - he's got only 168 followers on Twitter but what a crowd: Rixstep, Patrick Gray, Stephen Fenech, Jeff Duff, Robert McMillan, Darren Thurston, Graham Cluley, and YourTechNet in Melbourne.
Ash is the one introducing an uneducated and unsuspecting continent to the song stylistics of Stock, Aitken, and Waterman. At least those with jailbroken iPhones. Ash wrote a worm that spreads a picture of Rick Astley.
Naturally things could have been far worse considering Apple's iPhone has next to no security once its single line of defence is down. Using passwords everyone is acquainted with doesn't help either.
The ever-helpful Graham Cluley more or less took Ash under his wing right away, publishing a slew of articles and admonishing the young Aussie to do the 'right thing'.
iPhone users may rush into jailbreaking their iPhones in order to add functionality Apple may have denied to them. But if they do so carelessly they may also risk their iPhone becoming the target of a hacker.
My prediction is that we may see more attacks like this in the future.
What's clear is that if you have jailbroken your iPhone or iPod Touch and installed SSH then you must always change your root user password to something different than the default 'alpine'.
In fact it would be a good idea if you didn't use a dictionary word at all.
Please don't release the source for the iPhone worm. Please do everything you can to prevent new versions being written. Thanks
The code is already 'out there' of course - I hope you'll do your bit to get it removed, before more malicious variants are released
Some people got a copy before the URL was clamped down. Others are still asking.
hey ash, can i grab a copy of the rickroll source? please? :)
Cluley isn't too optimistic about how this one's going to turn out.
And of course we know all Apple users are diligent about anti-virus and updates.. ;-)
He's also taken to sponsoring polls.
But antivirus isn't the issue - the total lack of Unix security is.
A less than wise or recognised spokesperson for Apple once quipped that if security gurus didn't think the Cupertino company thought through their security design decisions really hard before they decided on the Windows model then they were stupid or something. Maybe this is why. For a free iPhone has no protection. None.
Mikko Hypponen was one of the few who got all four versions of the source before the link was taken down. 'There'll quickly be more variants and they might have nastier payload than just changing your wallpaper', said a jubilant Hippo who's trying to take credit for discovering it.
We have located the first iPhone worm...
And in keeping with the best traditions of the respected Windows antivirus industry, Rixstep have decided to detect the worm as iPhoneOS.Rollrick.D.
Be sure to keep your iPhone antivirus software up to date.
It's not that hard guys. But hey who cares. It's only your bank details at stake.
- Ashley Towns
I saw a commercial on late night TV. It said 'forget everything you know about slipcovers'. So I did. And it was a load off my mind. Then the commercial tried to sell me slipcovers and I didn't know what the hell they were.
- Ashley Towns
BBC: Worm attack bites at Apple iPhone
Slashdot: First iPhone Worm Discovered, Rickrolls Jailbroken Phones
Graham Cluley; Worm author tells media he initially infected 100 iPhones
SC Magazine: Jailbroken iPhones fall victim to Australian virus
ABC News: Australian admits creating first iPhone virus
Computerworld: No regrets from Aussie iPhone virus creator
Computerworld: First iPhone worm spreads Rick Astley wallpaper