Got a jailbroken iPhone? Then you need to read this:

The first worm targeting Apple’s iPhone is alive and spreading in the wild. But most iPhone owners need not worry about it.

The worm, known as Ikee, is, as worms go pretty harmless in that all it does is change the lock screen wallpaper to a picture of 80’s signer Rick Astley before looking for other devices to infect.

If you're running a jailbroken iPhone and you didn't change the root password fro the default "alpine" (yes, the whole hacking world knows that it is) then you should change it now!

Here are instructions on how to remove Ikee variants

Variants A, B and C

• Remove: /bin/poc-bbot
• Remove: /bin/sshpass
• Remove: /var/log/youcanbeclosertogod.jpg
• Remove: /var/mobile/LockBackground.jpg
• Remove: /System/Library/LaunchDaemons/com.ikey.bbot.plist
• Remove: /var/lock/bbot.lock
• Reboot the iPhone, reinstall SSH and change the default root password

Variant D

• Remove: /usr/libexec/cydia/startup
• Remove: /usr/libexec/cydia/startup.so
• Remove: /usr/libexec/cydia/startup-helper
• Remove: /System/Library/LaunchDaemons/com.saurik.Cydia.Startup.plist
• Reinstall Cydia from the terminal as follows:
      Su root
      alpine
      get-app remove cydia
      get-app install cydia
• Reboot the iPhone and change the default root password

This entry was posted on Sunday, November 8th, 2009 at 22:27 and is filed under Stay Safe!. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.