The virus has been detected in the Netherlands and can only attack iPhones whose users have disabled some pre-installed security features, according to analysts monitoring the progress of the virus, known as the Duh Worm.

The hackers are trying to use the virus to obtain passwords to banking sites in the Netherlands, according to Graham Cluley, a researcher with anti-virus software maker Sophos. When an iPhone user tries to access a bank website, the Duh Worm directs the browser to a look-a-like site controlled by the hackers, Cluley said.

The phones that are vulnerable are "jail broken" phones, where users disable key Apple security features to get around the terms of usage agreement that they are designed to enforce. For example, Apple prevents users from switching service providers tounauthorised carriers and limits users to the approximately 100,000 programs that the company has vetted for installation on the device. There are thousands ofunauthorised programs covering areas including internet phone calls, WiFi access and pornography.

Three independent security experts said that it is best for iPhone users not to jail break their devices because the security risks are greater than the benefits. "They're leaving their back door open. Every one else knows what the key is to open that door,"Cluley said.

The case, which was widely reported by security experts on Monday, is the first in which iPhones have been recruited into a "botnet," or army of infected devices that hackers can control from a central "command and control centre."