A recent security note from security vendor Intego has revealed that 'jailbroken' iPhones are being targeted and added to a mobile botnet by a new worm, Duh.

Thus far, the virus has been scanning the IP addresses of the Internet service providers in the Netherlands, Hungary, Portugal, and Australia.

According to security experts, the virus has been so designed by the hackers that it attacks an unprotected Apple iPhone, copies itself on the smartphone, and secretly takes control of the device by the means of its Internet connection.

Analysts opine that only 'jailbroken' iPhones are exposed to the Duh Worm, since the users disable the key Apple security features to circumvent the terms of usage deal that they are supposed to comply with. As per Intego, the Duh Worm scans 'jailbroken' iPhones which have installed Secure Shell (SSH) and have not changed their default password.

Saying that the hackers are likely using the Duh Worm to obtain passwords to banking sites, Graham Cluley, a researcher with anti-virus software maker Sophos, said that the virus directs the browser of an iPhone user to hacker-controlled replica bank website.

Noting that iPhone users who try to jail break their devices actually run higher security risks than the supposed benefits, Cluley said: "They're leaving their back door open. Every one else knows what the key is to open that door."