New Data Stealing Worm Targets Jailbroken iPhones

It's been a nasty week for jailbroken iPhones. First there was a blackmail hack, of sorts. Then there was a hack whick "rickrolled" devices, but was otherwise harmless (well, except for turning your iPhone into a Typhoid Mary). Using the same vulnerability, there's a new tool that allows a hacker to download user information off a jailbroken iPhone.

The worm was discovered by Intego security. As with the earlier hacks, three conditions need to be met before the hack will affect your device:

• The iPhone must be jailbroken
• SSH must be enabled (on)
• The root superuser (SU) password has not been changed from "alpine"

Don't worry; I didn't blow Apple's cover. "Alpine" has been well known as the root SU password for a long time.

To fix this, you can either disable SSH once jailbroken, or change the SU password, or both. To change the SU password, do the following on a jailbroken iPhone:

1. Install the MobileTerminal package from Cydia.
2. Run the app (named Terminal on your iPhone screen).
3. Type "su root" without the quotes and touch return.
4. Type the root password "alpine;" hit return. You are now logged in as root.
   
5. Type "passwd;" hit return.
6. Enter your new password. They won't be echoed to the screen, not even as "*," BTW. Hit return; you will be prompted to re-enter the password.
   
7. Enter the new password again; hit return.
   
8. Type "exit" and touch return.

Once done; you're safe, but be sure to remember the SU password. Don't forget also; these hacks actively search for vulnerable iPhones, so you just need to "pass" a location that is broadcasting the hacks.