Thursday, November 26, 2009
The 21-year-old hacker who wrote the first iPhone worm has landed a job developing software for the phones.
Ashley Towns wrote Ikee, a self-propagating program that changed the phone's wallpaper to a picture of 80s pop singer Rick Astley.
Mr Towns has now been employed as a iPhone application developer for Australian firm mogeneration.
Ikee was not malicious but paved the way for a more serious variant which targeted users of the online bank ING.
"It leaves a nasty taste that he has been rewarded like this, yet has not even expressed regret for his actions," Graham Cluley of Security firm Sophos told BBC News.
Mr Towns said that he had created the virus to raise the issue of security. He has not faced any criminal charges.
It was designed to exploit jail-broken phones, where a user has removed Apple's protection mechanisms to allow the phone to run any software.
Estimates suggest there could be up to 25,000 jailbroken phones in Australia, whilst up to 10% of the more than 55m iPhones and iPod Touches devices sold worldwide are thought to be cracked.
It specifically targeted those handsets with SSH (secure shell) installed, a program that enables other devices to connect to the phone and modify the system and files.
The worm was able to infect those phones where the owners had not changed the default password after installing SSH.
It could be removed by changing the phone's password and deleting some files.
After it was found circulating "in the wild", a second worm was discovered. Mr Cluley said it was "based" on Mr Town's code and targeted people in the Netherlands who used their iPhones for internet banking with Dutch online bank ING.
The new worm redirects the bank's customers to a lookalike site with a log-in screen. It can also be used to remotely control the phone without the users permission.
Analysts said that it was designed with a "clear financial motive".
Mr Towns is the latest in a long line of programmers to find employment after a high-profile hack.
In 2008, New Zealand computer hacker Owen Thor Walker was hired by a telecommunications company as a security consultant.
He had previously pleaded guilty or being part of an organisation that was thought to have caused millions of dollars worth of damage.
"We interviewed Ashley, assessed him with our iPhone developer test - which he passed with flying colours - and we employed him today," said a spokesperson for mogeneration
Source from http://news.bbc.co.uk/2/hi/technology/8380265.stm