A couple of weeks ago, the first iPhone worm appeared, Now, according to early reports of strange activity by Dutch ISP XS4ALL, and later confirmed by Sophos, there’s a new worm in the wild, and this one is far more malicious.
The new worm is called “Duh” or “Ikee.B” and it uses exactly the same vulnerability as the previous one.
Thus, the vulnerability fix is absolutely identical – just change the default root password (“alpine”) in the SSH application to anything different.
According to Sophos, Ikee.B is “designed to connect to a server in Lithuania and to follow orders from remote hackers”.
iPhone users who have not jailbroken their iPhone or have not installed the SSH application are not affected by this Ikee.B vulnerability.
No related posts.
