'Duh' Worm Targets Jailbroken iPhones

By Kara Reeder | Nov 24, 2009 | Print this Page
http://www.enterprisenetworkingplanet.com/netsecur/duh-worm-targets-jailbroken-iphones
Taking its cue from the world's first iPhone worm, a new worm, dubbed "Duh" by security firm Sophos, targets users who have jailbroken their iPhone but failed to change their root password.

Computerworld reports that this new worm is much more serious than the "Ikee" worm. Hackers are using the worm to build a botnet that steals data, including online banking credentials.

According to Chester Wisniewski, a senior security advisory with Sophos, "Duh" changes the default SSH password of "alpine" to "ohshit." It then uses the command-and-control strategy used by traditional PC-based botnets to steal data from the compromised device, including SMS-based authentication codes that some banks use to protect customers who are making financial transactions from their iPhones.

Ars Technica notes that non-jailbroken iPhones remain unaffected by these worms, or any real worms, for that matter.