The second ever iPhone worm has turned up, and this one is far more serious than the previous joke effort which merely deposited a picture of Rik Astley.

The worm, dubbed “duh”, targets online banking users, attempting to siphon off information (presumably password details).

“Duh” is likely based on Ikee, and like Ikee it only affects jail-broken iPhones – those which have been modified to run unauthorised software with SSH installed, and have been left set with the default password.

According to Sophos anti-virus expert Graham Cluley, the worm is “much more serious than the original Ikee worm because it is not limited to infecting iPhone users in Australia, and communicates with an internet control and command centre, downloading new instructions – effectively turning your iPhone into part of a botnet.”

The obvious advice given is that if you have a jail-broken iPhone – change that default password.