A Dutch internet service provider has identified a worm that installs a
backdoor on jailbroken iPhones and makes them part of a botnet.
The worm, according to XS4ALL, targets jailbroken iPhones whose owners have
carelessly failed to change the default password. In addition to connecting to a
Lithuanian master command channel, it also changes the root password for the
device, making it harder for owners trying to regain control. Infected iPhones
are also tagged with a unique ID number.
"A number of customers with jailbroken phones have been found running unknown
software on their phones which is trying to compromise other iPhone users at
other telecommunications providers," the XS4ALL advisory stated. "XS4ALL
strongly advises caution against jailbreaking if you are not fully aware of the
potential risks to your privacy and security."