A new iPhone worm has found its way out that have malicious traits as opposed to the Rickroll worm found two weeks ago. The worm identified as “Duh” or “Ikee.B” uses the same modus operandi as the rickroll worm, effectively putting only jailbroken users with default SSH password at risk.
The first sign came from a Dutch ISP who recorded unusual data transfers from affected iPhone devices. Apparently, the worm connects to a Lithuanian server to upload user’s compromised data and allow the hacker to control the device the remotely.
The only way to get away with this is to change the SSH root password from the default “alpine” to something else. The worm sets “ohshit” as the new password on attacked iPhones.