The worm, 'Ikee' changes iPhone owners' wallpaper and replaces it with a photo of '80s pop star Rick Astley and the message "ikee is never going to give you up".
Twenty-one-year-old Wollongong resident Ashley Towns, said he created the virus out of curiosity and boredom.
"I had just formatted my iPhone and it told me to set the password in bold, big letters and I wondered how many people have actually done that," Towns said.
"So I ran a scan on my [Optus] 3G network and there was 26 phones running the service that's vulnerable, and out of that 26, 25 hadn't changed their passwords."
Towns said he loves the iPhone so there was no vendetta against Apple, just disbelief that many users had failed to change their passwords when requested to do so.
"It's the simplest thing to change your password, it's not hard and if you're going to install something like SSH... I could have gone through and read people's messages and emails - all their barter was up for grabs," Towns said.
Although Ikee does not appear malicious, it has the potential to be modified and perform tasks such as stealing sensitive information from iPhone users. The worm can affect jailbroken iPhones running a Unix utility called SSH (Secure Shell) with the iPhone's default password, "alpine," still in use.
Once in place, the worm appears to attempt to find other iPhones on the mobile phone network that are similarly vulnerable, and installs itself again.
Towns admitted he was targeting phones on both Telstra and Vodafone, as well as Optus, however he soon discovered that Telstra and Vodafone are behind NAC firewalls, making their SSH inaccessible.
However, he said the worm can spread between phones on the same Wi-Fi network.
Despite admitting the virus was a form of vandalism, Towns said he stands by his decision to release the worm.
"All the worm does is change your background to Rick Astley, so it's not malicious, it's not going to harm anyone's phone other than people having to look at Rick Astley until they remove it," Towns said.
Although so far confined to Australia, Towns said the virus has the potential to spread globally and claimed to have read reports the virus turned up in China
Australian iPhone users have reported their experience with the worm, flooding Internet forum Whirlpool with posts about their experience.
Security vendor Sophos reports that at least four variants of the worm code have been written so far, with one variant trying to hide its presence by using a filepath suggestive of the Cydia application.