The growing popularity of the iPhone platform can only mean one thing. Nope, it has nothing to do with the flakiness of AT&T’s 3G network in San Francisco. It means that we’ll be seeing more iPhone security threats rearing their ugly heads. A new variant of the original “Ikee” iPhone worm, dubbed “Ikee-B,” targets jailbroken iPhones with unsecured SSH passwords. The new Ikee-B worm infects susceptible iPhones and lies hidden until the user visits Dutch bank ING’s website. Once logged in, Ikee-B steals passwords and financial information.
To be clear, only jailbroken iPhones with default SSH passwords are vulnerable to the Ikee-B worm. Previous iPhone attacks demonstrated the need for jailbroken iPhone users to change the default password, but it’s apparently still a big enough security hole to inspire this new bit of malware. Even worse, this version of the worm isn’t just going to “Rick Roll” your homescreen, it has the potential to drain your bank account.
Now, before you panic, keep in mind that Ikee-B is only being reported in The Netherlands. It’s possible that the worm could make its way to other European countries and Australia. More importantly, you can close your jailbroken iPhone’s vulnerability by changing your default SSH password. We have instructions on how to do that here.
Seriously, change your SSH password now!
[Via: MobilitySite]