The iPhone has had its long reign without any signs of virus’s, malicious code and worms. It was only a matter of time before a hacker would figure out how to write and compile a virus that could effect the iPhone. Unfortunately that time is now and it is important that user’s who have jailbroken their iPhone know exactly what this virus is,how it effects your iphone, and most importantly how to get rid of it and protect yourself…
What is this so called iPhone virus?
This is a complicated question because there are many forms of the virus now. However I will start by explaining the most conman form of the virus. The first iPhone virus and probably the most conman iPhone virus that is in effect was created by a 21 year old student in Australia and it was called Ikee. The virus worked on jailbroken iPhones that had installed openSSH and left their password as the default defined password of alpine. This was a mistake that was made by almost all people who installed the application. Without any password protection the program allowed hackers to gain access the iPhones file system via wifi which allowed the virus to spread like wildfire. While the virus Ikee was more of a practical joke than anything; it simply changed the users wallpaper to that of the 1980s pop star Rick Astley and displayed the following message “ikee is never gonna give you up”.
The creator of the Virus released the source code which was a big mistake on his part, because then other hackers evolved the virus to do more damaging and malicious things. However the only way you can get infected by one of these virus’s is if you install the application called openSSH. This application is used by developers to access files on their iPhone for developmental purposes, however because users who install the application don’t change their password from the default it now allows hackers to be able to gain access to your iPhone and steal sensitive data. Luckily removing the virus’s and protecting yourself from the virus’s are extremely simple!
**Note any of these iPhone virus’s are considered to be a security threat and even if you have not been infected with one of these virus’s that doesn’t necessarily mean that your data hasn’t been stolen. The chances of having your data stolen are fairly slim but if you have openSSH installed and the password is left as default there is always a chance that you data has been stolen. The only solution to not getting infected by one of these virus’s and also to prevent your personal data from being stolen is to either uninstall openSSH or change your default password by following this tutorial here. You are in no risk of getting the virus if you do not have openSSH installed (if you do not know what this application is then chances are you do not have it installed on your iPhone) or if you have changed your password.
Ikee Virus Summery
Symptoms: Installs itself via openSSH vulnerability and changes your lockscreen wallpaper to that of the 1980s pop star Rick Astley and displays the following message “ikee is never gonna give you up”. There is also another version of the Ikee virus that acts the same way as the original virus but displays a sort of ransom message saying “you must donate to the author or I will gain access to all your files”. Don’t worry if you are infected by this version it is simply a rewrite of the Ikee virus and acts the exact same way. Just follow the instructions and remove the virus ASAP.
Virus Threat Level: Low; This virus simply changes your lockscreen wallpaper. If you have been infected with this virus hopefully harm has been done to your iPhone and no data has hopefully been stolen. This virus is simply a warning to you that you must change your openSSH password immediately. It is always possible now that if you have not changed your openSSH password that data could have been stolen, however continue following this tutorial to secure your iPhone so will not get infected ever again.
Solution: There are two solutions to uninstalling this virus…
1.) Simply do a restore via iTunes this will get rid of any traces of the virus and this is the easiest solution to removing the virus.
2.) This solution is harder, but if you don’t want to do a restore this is your only option at this point.
Step 1) Go into Cydia and in the search panel type “mobile terminal”. Install MobileTerminal and then restart your iPhone. When your iPhone restarts click the MobileTerminal icon and type in the following exactly as shown. (Everything is case sensitive so be very careful)
If These commands don’t work then this means you are infected by another version of Ikee. If this is the case, then you can either restore via iTunes or try these commands instead.
**Note if you remove the 4 files above, you will have to reinstall Cydia.
Symptoms: iPhone/Privacy.A is the complete opposite of the Ikee virus; this virus actually steals any data the hacker wants and shows or leaves no trace of it. This virus is undetectable via your iPhone and the only solution to not get affected by this virus is to change your openSSH password immediately. The way this virus works is by a hacker installing it on a computer, which he then scans for vulnerable iPhones and steals their data; leaving no trace whatsoever. The second way this virus spreads is by installing itself on a host computer (Linux,Mac and Windows are all vulnerable as the virus is written in python) and then your computer/ the host spreads the virus and leaches the data to the hacker.
Virus Threat Level: High; This virus is capable of stealing any data the hacker wants on your iPhone. It is very important that you secure your iPhone right away by changing the default openSSH password or uninstalling the application completely.
Solution: The solution to not getting affected by this virus is simple! If you have installed openSSH simply change your default password asap by going to this tutorial here. If you want to make sure your computer hasn’t been infected by this virus simply run a virus scan.
The Unnamed Battery Draining Virus (Or IKEE B)
Symptoms: The symptoms for this virus are extremely obvious and easy to detect; if your battery is running down abnormally fast then you have this virus. The reason your battery is draining so fast is because the virus is constantly running in the background trying to find other iPhones to infect.
Virus Threat Level: Medium; this virus doesn’t necessarily mean your data has been stolen but chances are if you are infected with this virus your battery will be dead within a few minutes. It is important that this virus is removed asap for your own safety and so you do not infect other iPhones in your area.
Solution: A solution other than a restore via iTunes has not been discovered. To get rid of this virus you have to do a full restore through iTunes.
Protecting yourself from getting infected
The thing about these iPhone virus’s is that they can only affect your iPhone if you have the application openSSH installed. This application is not installed by a default jailbreak, and you have to manually install the application through Cydia to get access to it. If you do not have openSSH installed on your iPhone you are in no risk of getting infected by one these virus’s. However if you have installed open ssh for whatever reason you must change your default password immediately by following this tutorial here. It is important that you change your default password so you will not be vulnerable to these virus’s. If you have no need for the application then uninstalling will also prevent you from getting any of the virus’s listed above.
Please share any tips on getting rid of these virus’s that are not listed here!