First iPhone Virus. Don't worry.

Discussion in 'Latest Tech News and Rumors' started by cocotutch, Nov 12, 2009.

  1. cocotutch

    cocotutch Community Development Team Staff Member

    Oct 6, 2008
    Likes Received:
    5G iPod touch

    Imagine my surprise when I was sitting in Hamer Hall, Melbourne, booting up my iPhone because I wanted to snap a few pictures, and I see Rick Astley up on my Lock Screen.

    Luckily, I had heard of the "ikee virus" previously (ironically, I had read it almost 3 hours prior to entering the Hall) so I knew -- roughly speaking -- on how to get rid of it.

    The most annoying thing is, only Australians (or those abroad using the Optus Network) can be infected by it. And you have to be Jailbroken with SSH installed. I'm a bad person I know, I did have both done.

    Oh! Did I mention it stops you from using SSH again? And it prevents you from changing your Lock Screen Wallpaper?

    To remove this pesky little bugger, I restored. I had been waiting for an excuse to do so for over a week since Mobile Substrate and Winterboard were slowing my 3G to a crawl while my 3GS looked on smugly from the corner. There are instructions on how to remove it:

    [10:33] <JD> by correctly, I mean completely.
    [10:33] <ikee> Sure, variants A-C store files in these directories
    [10:34] <ikee> /bin/poc-bbot
    [10:34] <ikee> /bin/sshpass
    [10:34] <ikee> /var/log/youcanbeclosertogod.jpg
    [10:34] <ikee> /var/mobile/LockBackground.jpg
    [10:35] <ikee> /System/Library/LaunchDaemons/com.ikey.bbot.plist
    [10:35] <ikee> /var/lock/bbot.lock
    [10:35] <ikee> using an rm (in SSH or mobile-terminal on those files will remove it)
    [10:36] <ikee> then reboot the phone, change your password and reinstall SSH
    [10:36] <ikee> For variant D its abit different
    [10:36] <ikee> The locations are
    [10:37] <ikee> /usr/libexec/cydia/startup
    [10:37] <ikee> /usr/libexec/cydia/
    [10:37] <ikee> /usr/libexec/cydia/startup-helper
    [10:37] <ikee> /System/Library/LaunchDaemons/com.saurik.Cydia.Startup.plist
    [10:38] <ikee> Of course cydia used these files previously so you may need to reinstall it after deleting this files
    [10:38] <ikee> *these
    [10:38] <JD> So the D variant overwrites system files?
    [10:39] <ikee> Overwrits cydia's files
    And these instructions can be carried out with (what I hope) a no-risk-to-your-data guarantee. I lost all my Contacts, Photos etc...

    Please Register or Log in to view images

    I should have posted pictures of it, but I was a good boy and turned Airplane Mode on so the virus couldn't spread to another Optus iPhone user nearby.

    Thanks for reading, and if there are any anxious people sitting there going "WTF! Why me?" you'll know you're not alone.

    UPDATE: If you choose the Restore Method. DO NOT click "Restore Previous Settings" as it comes back just as stubbornly as before. Making you....well....Restore. Again

    Please Register or Log in to view images


Share This Page