Published: 24th November 2009 | Author: Graham Jones
Reports suggest the new worm, called 'Duh' or 'Ikee.B' by researchers, is spreading quickly in The Netherlands.Some Dutch iPhone users visiting their online bank ING through their mobiles have reported being redirected to an imitation site by the worm, leaving them vulnerable to cyber criminals.
However, security analysts at Sophos say only jail broken phones are at risk. Jail breaking is a hacking process that allows devices to bypass the official App Store and run unapproved services.
Around four million out of 40million iPhones are believed to be jail broken by their owners.
The handsets at risk also have SSH (secure shell) installed, which allows other programs to remotely connect to the iPhone and download files.
If users have not changed Apple's default root password from 'Alpine' then the worm is able to get in and change the password giving them long-term access to the phone.
'Duh' can hunt for 'cracked' iPhones on a wide range of IP addresses including Australia, the Netherlands and Portugal.
Graham Cluley from Sophos told the Mail Online: 'This latest iPhone malware is doubly criminal. Not only does it break into your iPhone without permission, but it also cedes control of your phone to a botnet command server in Lithuania
