Jailbreakers Who Don’t Change SSH Password — There’s a Rickroll for That
For iPhone Jailbreakers using SSH to access their devices — without changing the default password — getting Rickrolled by a worm may be annoying (no worse than getting held for ransom by a hacker) but it’s a sign that far more insidious and malicious attacks are possible — so change those passwords now!
Back to the Rickroll. TUAW reports:
A hacker, going by the name “ikee,” created a worm that changes the home screen background on jailbroken iPhones whose owners failed to change the default password after installing SSH.
And the new background is, of course, Rick Astley. While removal details are included in an interview with the hacker, it’s better to be safe than sorry. So, check our iMuggle’s tutorial on how to change your SSH password, and change it right away.
November 8th, 2009 at 9:39 am
You’re just as lame as getting Rickrolled!
November 8th, 2009 at 9:44 am
Why would a developer waste their time doing this. Sad little loser…
November 8th, 2009 at 9:57 am
@Joe
Why would you waste your time commenting on a “sad little loser”? Its basically just promoting security, and informing those that susceptible to fix their hole.
November 8th, 2009 at 9:58 am
@ Joe mcg cause it’s effing hilarious. If that happened to me, and I just suddenly had Rick Astly as my background, I would die laughing………and then immediatly change my password
November 8th, 2009 at 10:01 am
Congrats Pablo, your a jerk!
On topic, this is quite scary and as JD says it would be beest if pwnagetool/redsn0w/blackrain or hell even cydia forced a password reset.
November 8th, 2009 at 10:05 am
I think it’s great that the hackers currently exploiting this lack of security seem to have a great sense of humor about it. @Ben Gillam that isn’t a bad idea, Cydia would be in a great position to vocally recommend people to change their passwords. I know that while I always have my SSH off, I never changed it’s default password until the hijack was reported last week. The awareness is working!
November 8th, 2009 at 10:17 am
Cool, I’ve been searching all over for a good Rick Astley wallpaper. I’m changing my password back to alpine now.
November 8th, 2009 at 12:08 pm
Speaking of root passwords, I installed Ubuntu the other day using Wubi, and Wubi refuses to allow you to install without setting up a root password.
November 8th, 2009 at 12:44 pm
So does this mean you guys need an anti-virus suite installed? Hehehe
November 8th, 2009 at 1:05 pm
RON JEREMY SAYS ALL YOU QUEENS HATING ON PABLO ARE JUST JEALOUS. RON JEREMY SAYS STOP THE HATE.
November 8th, 2009 at 3:46 pm
Pretty funny if you ask me… I think it’s a good way to point out the issue without causing any real damage.
Realistically the person could have done much more insidious things.
November 8th, 2009 at 3:51 pm
MADNESS! Iphone sends personel information to the developers of certain apps.
Click my name and check the full story!!!!!
November 8th, 2009 at 4:23 pm
Sorry for asking… What is SSH??
TIA
November 8th, 2009 at 4:27 pm
Ok. Found this on tiib
So, what’s SSH?
The first thing you would like to know is what SSH is. SSH stands for secure shell that is commonly used in Unix/Linux environment. You can use SSH to access a remote a computer and execute commands from another machine that may be miles away. Additionally, you can use it to transfer files to the remote computer, just like FTP. I’m not going to dig deep and throw out all the technical details about SSH. But just remember, SSH is a tool that lets you access machine or devices remotely. Here, the device is your iPhone.
November 8th, 2009 at 6:21 pm
Count me in as thinking it’s hilarious. But I wonder, why has it taken people so long to decide to do this crazy simple hack? Jailbreak has been around for over 2 years! Maybe it’s just certain European providers where the 3G smartphones all show up in a particular IP range accepting incoming SSH connections?
November 9th, 2009 at 12:35 am
One wonders if Apple isn’t silently cheering. Maybe sending money.
November 9th, 2009 at 1:07 am
Wow. The iphone weaknesses keep coming out of the woodwork. I’d just avoid the thing all together. Too much suckage.
Congrats on being the first smartphone with a virus.
November 9th, 2009 at 8:34 am
iPhone isn’t the first smartphone to have a virus, Symbian has had them ages.
November 9th, 2009 at 10:29 am
@Thor E
how is this an iPhone weakness? This affects people who jailbreak their devices, something apple clearly does not endorse.
November 9th, 2009 at 1:00 pm
At least ikee didnt change everyones ring tone to ‘Never Gonna Give You Up’…. Now THAT would have been a horrible hack.
November 9th, 2009 at 4:24 pm
Will changing the SSH PW impact future Jailbreaking or installation of any JB apps? Do any of these need the root PW to install? Simple tutorial and very easy to change by the way.
November 10th, 2009 at 6:52 am
Ok, so i’ve been rickrolled! Not funny when it happens to you. So can anyone point me in the right direction to get this removed, I have changed my root PW and it is still there, need help pls.
November 17th, 2009 at 5:01 am
Me pointing out that mobileterminal doesnt work on 3.1.2 serves the purpose to let others know who are running that firmware not to think there is a problem. I tried to boot up MT a dozen times and it would always crash and made the effort to find a fix to realize it doesnt work on 3.1.2.