iPhone!  Botnet!

Those two words are likely to get people’s ears up.  The qualifier is that the security hole is with unsecured jailbroken iPhones that have enabled SSH.  The equivalent in the computer world would be telling everyone to set their root passwords to “alpine” and enable root access.  Then put your computer on the Internet without a firewall and leave it until someone logs in.

If you jailbreak your iPhone and don’t change your password, it is the equivalent to physically giving it to a malicious hacker.

It is important to note that standard, non-jailbroken iPhones or iPod touches are not at risk; it is extremely dangerous to jailbreak an iPhone because of the vulnerabilities that this process creates. (Estimates suggest that 6-8% of iPhones are jailbroken.) Jailbroken iPhones at risk are those where ssh is installed, and where the default password has not been changed.

This worm starts by searching its local network, as well as a number of IP address ranges, for available devices to infect. The address ranges it scans include those of ISPs in the Netherlands, Portugal, Hungary, Australia, and if an appropriately unprotected iPhone is found, the worm can copy itself to these devices.

When active on an iPhone, the iBotnet worm changes the root password for the device (from

FTC: We use income earning auto affiliate links. More.


Check out 9to5Mac on YouTube for more Apple news:

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

About the Author