Worm author tells media he initially infected 100 iPhones

Graham Cluley
Graham Cluley
@[email protected]

Ashley Towns, author of the ikee iPhone worm
The author of the world’s first iPhone worm appears to be feeling pretty cocky about the whole incident.

Without a hint of apology, or the slightest acknowledgement that he may have done something wrong, Ashley Towns has been speaking to the media who have contacted him via his Twitter account.

Towns, who goes by the online handle of “ikex”, spread the ikee worm which broke into jailbroken iPhones and installed a picture of Rick Astley before hunting for other vulnerable devices. In an interview with ABC News, the 21-year-old student was asked if he knew how many iPhones had been affected:

"Due to the nature of it, it's kind of hard to tell, I know my phone hit about 100 alone but from there I have no idea," he said.

Sign up to our free newsletter.
Security news, advice, and tips.

So, it appears that Ashley Towns is admitting that he personally infected 100 iPhones from his own iPhone. Those iPhones would then have tried to infect other jailbroken iPhones, and so on, and so on..

Each of these affected users would need to take action to repair their iPhones from the unauthorised modifications. Yes, they should have been better secured in the first place – but surely that’s not an acceptable justification for virus infection?

And don’t forget, Ashley Towns will have cost each infected iPhone user all the bandwidth used by his malware – remembering that even just trying to initiate TCP connections to computers which won’t accept them wastes some data – and his worm has some huge IP address ranges through which it tries to open connections.

The bandwidth used by the worm will come out of users’ monthly data quotes or – depending on their payment plan – out of excess data charges. Lord forbid you should be unknowingly roaming overseas whilst infected!

[polldaddy poll=2228830]

Towns has said on his Twitter page that he is receiving requests from people for the source code to his worm. Sophos has contacted him requesting that he does not share it with any further people – as it could lead to more malicious iPhone malware being written in the future.

It remains to be seen whether the author of the first iPhone worm will recognise the seriousness of what he has done, and take appropriate steps to minimise the damage.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.