A couple of weeks ago, the first iPhone worm appeared, Now, according to early reports of strange activity by Dutch ISP XS4ALL, and later confirmed by Sophos, there’s a new worm in the wild, and this one is far more malicious.
The new worm is called “Duh” or “Ikee.B” and it uses exactly the same vulnerability as the previous one.
Thus, the vulnerability fix is absolutely identical – just change the default root password (“alpine”) in the SSH application to anything different.
According to Sophos, Ikee.B is “designed to connect to a server in Lithuania and to follow orders from remote hackers”.
iPhone users who have not jailbroken their iPhone or have not installed the SSH application are not affected by this Ikee.B vulnerability.
A report published by the United States government indicates that 79 percent of the malware threats to mobile operating systems are targeting Android compared to less than one percent that took place on iOS powered devices over the same time period.