MobilitySecurity

RickRolling iPhone Worm Pops Up Down Under

An Australian student has created the first ever iPhone worm – a “rickroller” that puts an image of singer Rick Astley on jailbroken phones

Security company Sophos has warned of the world’s first iPhone worm, which has been created by a student in Australia.

The effects of the  student’s worm are relatively benign – it changes the handset’s wallpaper to an image of 80’s UK pop crooner Ricky Astley – but Sophos has warned in a statement that the source code has been published online and could be used to create a more destructive attack.

The virus, known as the ikee worm, is also only able to penetrate so-called “jailbroken” iPhones that have been opened to allow them to be used on any network. So far it has not been seen outside Australia.

“The first indication that anything is wrong with your iPhone is if you see a picture of Rick Astley,” said Graham Cluley, senior technology consultant for Sophos. “Fortunately the worm doesn’t do anything more malicious than that – it doesn’t steal information, access your emails or snoop on your calls. But the source code has been made available on the internet – meaning other hackers could create more dangerous versions of the worm.”

According to Sophos the author of the worm appears to be a 21 year old student, Ashley Towns, from Wollongong, New South Wales. The company said it had discovered a Twitter page where he admitted writing the worm.

“The worm’s author may be unrepentant about what he has done – but it should be remembered that breaking into someone else’s iPhone and changing their data is against the law,” added Cluley. “This is a wake-up call to iPhone users around the world to take greater care about their security – especially if they jailbreak their phones. Other inquisitive hackers may also be tempted to experiment, and could take the code of ikee and adapt it to have a more sinister payload.”

In October, RSA Security chief executive Art Coviello said the emergence of consumer technology in business such as the iPhone combined with a massive increase in web use personally and by companies has created a situation for corporate IT security akin to the myth of the slowly boiling frog. “Not unlike the frog, we have been sitting in the pot while degrees of openess, and information growth have combined with evolving threats to stoke the fires and raise the temperature to uncomfortable levels. So how you feeling now?,” he said.

The use of Rick Astley in the ikee worm refers to the harmless Internet meme of “rickrolling” – pointing unsuspecting users to a video of Astley singing Never Gonna Give You Up, instead of any other link.

80s singers clearly have an affinity with Internet security though – last month, a security engineer from ISP TalkTalk downloaded Barry Manilow’s hit Mandy – a cheeky dig at business secretary Lord Peter Mandelson – to show easily Wi-Fi networks could be hijacked for illegal downloading. The stunt was designed to show the flaws in the government’s plans to cut-off the internet connection of illegal file-sharers.