A second iPhone worm is in the wild, and unlike the jokey Australian worm authored by hacker prankster Ikee two weeks ago, this one is dangerous.
Unlike Ikee’s hack, which merely rick-rolled owners of infected iPhones, the new Dutch variant targets customers of the bank ING. When triggered, the worm redirects users visiting the banking site to an address in Lithuania which shows a fake login screen for ING online banking. It is essentially a phishing attack run on compromised iPhones.
The panic that will inevitably spread from this story is unjustified. First, if you are a regular iPhone customer you are safe, even if you are in the Netherlands. This is because, like the Ikee hack before it, the new worm will only work on a jailbroken, or hacked, iPhone. Further, you will have to explicitly install SSH remote access, and then you will have to leave the root password at its default, which is alpine.
If that means nothing to you, you don’t have any reason to worry. If that does mean something to you, shame on you! You should go change that password right now.
And don’t forget, you’ll also need to live in Holland and to be a customer of the ING bank for this to work. This could explain why this “security breach”, according to the BBC, has only affected a few people: “The number of infected phones was thought to be in the hundreds rather than thousands.” And how does it spread itself? “The worm could jump from phone to phone among owners using the same wi-fi hotspot.”
While we shouldn’t ignore the threat of malware to our increasingly powerful and connected mobile devices, neither should we panic. The news of a genuine iPhone-killing piece of software seems to be treated with the same glee as news of a virus for the Mac.