Latest iPhone Worm Identified by ISP
23 November 2009
An ISP (Internet service provider) from the Netherlands has just discovered an iPhone worm that infects jailbroken versions of the popular Apple-branded device, installing a backdoor and assimilating them into a constantly growing botnet. According to the ISP, XS4ALL, the worm specifically attacks jailbroken iPhones whose owners have neglected to change the default password. Besides linking to a Lithuania-based master command channel, this example of the next generation of malware also alters the iPhone's root password, which makes it much more difficult for owners to regain control of their hijacked mobile device. Each infected iPhone is also given a unique ID number.
A number of people with jailbroken phones have been spotted running dubious applications on their devices, which has helped the worm spread to users at other telecommunications providers. Even though the number of compromised iPhones has not been large enough to cause worldwide panic, XS4ALL still deemed the mere existence of the malware significant enough to report to the online news media. The ISP's advisory further recommends that people not jailbreak their iPhones in the first place, especially if they are unaware of the potential hazards to their security and privacy.
The malicious software is capable of pillaging SMS databases. What's more, an examination conducted by the Security.nl website found code in the worm that searches for mobile transaction authentication numbers, which some financial institutions use to carry out two-factor authentication over SMS. A separate but similar analysis has been done by the security firm Sophos.
In addition, the worm attempts to spread further by scanning a multitude of IP ranges, including those run by carriers such as Optus (Australia), UPC (the Netherlands), and T-Mobile (Germany). The worm is particularly active and dangerous when it gains access to Wi-Fi networks. One symptom of an infected device is shorter battery life when the phone is connected to 802.11 networks, because the malware opens so many connections during the Wi-Fi session.
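The scanning behaviour described above, where one infected handset opens connections to many addresses in a short time, can also be looked for on the network side. The following is an added example, not part of the original article or the ISP's advisory; the flow-record format, window and threshold are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 60      # assumed look-back window
MAX_DISTINCT_DSTS = 20   # assumed threshold; tune against normal handset traffic


def find_fanout_sources(flows, window=WINDOW_SECONDS, limit=MAX_DISTINCT_DSTS):
    """Return {source: peak distinct destinations in any window} for sources
    that contacted more than `limit` distinct addresses within `window` seconds.

    `flows` is an iterable of (timestamp_seconds, src_ip, dst_ip) sorted by time.
    """
    recent = defaultdict(deque)                         # src -> (ts, dst) in window
    dst_counts = defaultdict(lambda: defaultdict(int))  # src -> dst -> occurrences
    peaks = {}
    for ts, src, dst in flows:
        q, counts = recent[src], dst_counts[src]
        q.append((ts, dst))
        counts[dst] += 1
        # Expire records that fell out of the sliding window.
        while q and q[0][0] <= ts - window:
            _, old = q.popleft()
            counts[old] -= 1
            if counts[old] == 0:
                del counts[old]
        if len(counts) > limit:
            peaks[src] = max(peaks.get(src, 0), len(counts))
    return peaks


def sample_flows():
    """Constructed flow records (documentation address ranges, not real data)."""
    flows = []
    # Handset A: sweeps 40 sequential addresses in 40 seconds (scan-like).
    for i in range(40):
        flows.append((i, "192.0.2.10", f"198.51.100.{i + 1}"))
    # Handset B: 40 connections, but to the same three servers (normal use).
    for i in range(40):
        flows.append((i, "192.0.2.11", f"203.0.113.{i % 3 + 1}"))
    # Handset C: 30 distinct destinations spread over 50 minutes (slow, benign).
    for i in range(30):
        flows.append((i * 100, "192.0.2.12", f"198.51.100.{i + 100}"))
    return sorted(flows)


if __name__ == "__main__":
    for src, peak in find_fanout_sources(sample_flows()).items():
        print(f"{src}: {peak} distinct destinations within {WINDOW_SECONDS}s")
```

Only the sweeping handset is flagged; the busy handset talking to three servers and the slow one stay under the threshold.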