1 Comment

Summary:

iPhone Malware has been getting an awful lot of coverage lately, hasn’t it? I’m sorry to add to it, but sophos.com reports that the author of the Ikee iPhone worm has (somewhat predictably) earned himself a nice new job for his troubles. Ashley Towns is twenty […]

iPhone Malware has been getting an awful lot of coverage lately, hasn’t it? I’m sorry to add to it, but sophos.com reports that the author of the Ikee iPhone worm has (somewhat predictably) earned himself a nice new job for his troubles.

Ashley Towns is twenty one years of age, Australian, sports a fair bit of lip-and-nose-metalware and is also the latest employee of mogeneration, a company that specializes in iPhone application development.

The Ikee worm was widely reported as the world’s first iPhone worm. It affected only iPhones that had been jailbroken, replacing their wallpaper with an image of 80s pop sensation Rick Astley and the headline text “Ikee is never going to give you up.” (Whether that makes it malicious or not depends entirely on your opinion of that coiffed crooner.)

While Ikee didn’t do anything too nasty, an understanding of the precise security weakness the worm exploited was shared quickly on the Internet via widespread reporting in the tech press. Only a matter of days later, the Duh worm (also known as Ikee.B) was found in the Netherlands. Researchers discovered the Duh worm was based largely on Ikee, exploiting the same weak-password method; however this variant of Ikee was much more sinister, acquiring iPhone owners’ online banking information.

Of course, Towns’ can’t be held responsible for the Duh worm, but would Ikee.B have existed if not for Ikee? Didn’t Towns open the door for opportunistic malware authors looking for a way to take advantage of less diligent iPhone jailbreakers? Furthermore, is it appropriate he has been rewarded for his actions?

It’s that age-old argument; should malware authors be punished with heavy fines and jail sentences, or should they be gainfully employed by security companies, where their mad programming skillz can be used to benefit society?

  1. because most peole seem to have forgotten an very imortant detail to, i just have to add this: ikee was not malware at all, it did an usefull service for its victims. not only by getting attention and warning people without doing real damage, it also closed the door behind it by changing the root password, thus rendering the device invulnerable by follow-up warms. it almost like having a certain illness as a child and being immune for the rest of your life.

    Share

Comments have been disabled for this post