F-secure have announced that they’re tracking a rather dangerous new variant of the iPhone worm. Unlike the rickrolling, rather friendly, self propagating worm called ikee that attacked jailbroken iPhones with default passwords, the latest worm derivative is targeted at online banking users. The worm redirects calls to ING Direct’s banking portal to a look-alike site which in turn asks for your login details. Unwitting customers then input their details which are of course logged by the nefarious characters behind this latest attack.

At the moment the worm only targets iPhones in the Netherlands but F-secure has reported that the worm has the potential to act as a botnet. Needless to say, those who jailbreak their iPhones should definitely change the default root password, which can be quickly and easily done using the free Mobile Terminal available from Cydia, especially if you have SSH installed. At the moment, the worm is geographically isolated to Holland, but there’s no guarantee it’ll stay that way, so do yourself a favour and lockup your iPhones.