iPhone!  Botnet!

Those two words are likely to make people’s ears perk up. The qualifier is that the security hole affects unsecured jailbroken iPhones that have SSH enabled. The equivalent in the computer world would be telling everyone to set their root password to “alpine” and enable root access, then putting the computer on the Internet without a firewall and leaving it there until someone logs in.

If you jailbreak your iPhone and don’t change your password, it is equivalent to physically handing the phone to a malicious hacker.

It is important to note that standard, non-jailbroken iPhones and iPod touches are not at risk; it is extremely dangerous to jailbreak an iPhone because of the vulnerabilities that this process creates. (Estimates suggest that 6-8% of iPhones are jailbroken.) The jailbroken iPhones at risk are those where SSH is installed and where the default password has not been changed.

This worm starts by searching its local network, as well as a number of IP address ranges, for available devices to infect. The address ranges it scans include those of ISPs in the Netherlands, Portugal, Hungary, and Australia. If an appropriately unprotected iPhone is found, the worm can copy itself to that device.
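A defender-side view of the scanning behaviour described above, as an added example that is not part of the original post: it flags an internal host that contacts many distinct addresses on the SSH port within a short window. The flow-record layout, the thresholds and every address in the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample flow records: (epoch_seconds, source, destination, dest_port).
# 192.168.1.23 stands in for an infected handset; all values are made up.
SAMPLE_FLOWS = (
    [(1000 + i, "192.168.1.23", f"192.168.1.{100 + i}", 22) for i in range(30)]
    + [(1040 + i, "192.168.1.23", f"203.0.113.{i + 1}", 22) for i in range(30)]
    + [
        (1005, "192.168.1.50", "192.168.1.10", 22),   # admin laptop, one SSH server
        (1300, "192.168.1.50", "192.168.1.10", 22),
        (1010, "192.168.1.60", "198.51.100.7", 443),  # ordinary web traffic
    ]
)

def find_ssh_scanners(flows, window_s=60, min_targets=20, port=22):
    """Return {source: peak number of distinct SSH destinations in any window}.

    Only sources whose peak reaches min_targets are reported (assumed thresholds).
    """
    by_src = defaultdict(list)
    for ts, src, dst, dport in flows:
        if dport == port:
            by_src[src].append((ts, dst))

    hits = {}
    for src, events in by_src.items():
        events.sort(key=lambda e: e[0])
        counts = defaultdict(int)   # destination -> occurrences inside the window
        left = peak = 0
        for ts, dst in events:
            counts[dst] += 1
            # Drop events older than window_s seconds from the left edge.
            while events[left][0] < ts - window_s:
                old = events[left][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                left += 1
            peak = max(peak, len(counts))
        if peak >= min_targets:
            hits[src] = peak
    return hits

if __name__ == "__main__":
    for src, peak in find_ssh_scanners(SAMPLE_FLOWS).items():
        print(f"{src}: {peak} distinct SSH targets within 60 s")
```

A phone has little reason to open SSH sessions to dozens of hosts, so even a low threshold separates this pattern from the single-server administrator traffic in the sample.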

When active on an iPhone, the iBotnet worm changes the root password for the device (from