Malacious Cydia Package can Brick your iPhone

iOS users are facing yet another threat. A thread showed up on Reddit over the weekend discussing a boot color changing mod, which, in itself is perfectly harmless. The mod was developed by @daytonhasty and @xerub and, provided the instructions give to install it are followed exactly, it’s fine. Unfortunately, some people did not follow these instructions and have ended up with a very expensive paperweight in the form of a bricked iPhone.

Image : Cydia Package that Bricks iPhone running iOS 8

ios 8 cydia brick Because of this, another developer has come up with a proof of concept tweak that demonstrates how jailbreakers could be fooled into installing what looks like a perfectly good package from someone with malicious intent. The problems with this mod come from invalid NVRAM variables. This non-volatile RAM holds onto certain information when you power down your device and invalid variables have the properties needed to kill off a perfectly good working device almost instantly.

Culprit Tweak :

Arcticsn0w has come up with a tweak called Killios that will kill your device as a proof of concept to show users what will happen if a malicious package is downloaded on to their device. Most of the time this type of malicious tweak will be found in the, shall we say, less reputable repositories that need to be manually added into Cydia.

Image : Cydia iOS 8 Sources List on iPhone 6 Plus

repo source iphone 6 ios 8

The Read Me file that comes with Killios clearly states that it is a proof of concept that will brick a device if installed. To protect yourself from such attacks you should avoid adding sources to Cydia that deal in pirate tweaks, and you should either uninstall openSSH or change the root password of your iPhone to something a little more secure than the default password, “alpine”.

Because of all the red flags that are being raised by these kinds of packages, a number of developers have got together to create a package that will stop modifications to NVRAM. The big question now is, will this make you exercise more caution in what you install or will you carry on as normal ?

Stay Tuned for More Cydia News :

Enter your Email Address :

*IMPORTANT : Check inbox for confirmation mail

Subscribe to our newsletter and follow us on Facebook and Twitter; updates will be sent direct to your inbox.

PREVIOUS POST

NEXT POST

2 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *