Sophos' Graham Cluley, writing in his blog says "The worm will not affect users who have not jailbroken their iPhones or who have not installed SSH."  He goes on to say that "SophosLabs is analysing the worm's code, which suggests that at least four variants have been written so far. One of the attributes of the latest variant (labelled the "D" version) is that it tries to hide its presence by using a filepath suggestive of the Cydia application.

"The source code is littered with comments from the author suggesting the worm has been written as an experiment. One of the comments berates affected users for not following instructions when installing SSH, because if they had changed the default password the worm would not have been able to infect them."

It appears that the worm does nothing more than change the background and go looking for other iPhones to infect; but that doesn't make it innocuous.  Such access is well-defined as illegal under Australian law; additionally, the virus is a perfect test-bed for other, more malicious, people to add their own payload.

Amusingly, Cluley's blog seems to expose the identity of the virus writer as a young man from Woollongong.  Readers can look at the blog for details – they won't be written here.

"If you have a jailbroken iPhone, change your SSH passwords now," urges Paul Ducklin, Sophos's Head of Technology, Asia Pacific. "If you don't have a jailbroken iPhone, you probably also ought to change those passwords, since it makes no sense to have poor passwords pre-configured for any operating system service, whether it runs by default or not.

Ironically, it seems that Apple don't want you to do that -- just the sort of operational restriction which led to jailbreaking in the first place."

(The author does not own an iPhone.  Perhaps a reader might like to add instructions on changing the SSH password as a comment to this article)