Jailbreaking makes our iOS devices so much more awesome. But we all know that Apple does not like jailbreaks. Why ? This is one of the reasons: 220,000 iCloud accounts have been breached through a backdoor attack made by a malicious jailbreak tweak downloaded from a repo source that is not very trusted and was probably involved in piracy of jailbreak apps.
Image : Bad Cydia App causes iCloud Accounts Breach
WooYun, a Chinese online vulnerability reporting platform, was the first one to report this leak. The report is totally legit as WooYun is a legit platform where vulnerabilities are reported by security researchers and feedback is given by vendors. Thousands of security issues have been reported by WooYun in this month alone. WooYun has posted the particulars of this attack and has stated that a malicious plug-in or jailbreak tweak has compromised 220,000 accounts. The report also mentions that the vendors, which we presume to be Apple, have been notified about this attack.
Image : Leaked
Before all you jailbreakers panic and start unjailbreaking or deleting tweaks, note that this attack has not breached Apple’s security and has occurred under special conditions. Leaking of iCloud credentials can possibly have bad results and personal information can be accessed with the credentials in case the two factor authentication (2FA) is disabled for the account. So all the 220,000 hacked account users had not enabled 2FA for their accounts.
Who All Are Affected ?
The security breach seems to have affected only jailbroken iOS devices and that too in a limited area. It seems like the breach was restricted to China and its surrounding areas.
The WooYun report holds a malicious jailbreak release responsible for the breach. However, it is highly unlikely for a jailbreak tweak to penetrate so deeply into the system to affect a quarter million users. Therefore the chances of the attack being a result of a jailbreak tweak is very low. Such a large number of affected devices suggests that a more methodical and organized method of entry has been used for the attack, presumably a pre-installed backdoor.
Image : Some of the accounts that have been compromised [details hidden for security reasons]
There are malicious third-party repos and shady tweaks that can cause such issues, but not to that extent. And when the report notes that the breach resulted due to a malicious backdoor, then it is highly unlikely that any other reason is true.
How to Protect Yourself From Such Attacks :
Jailbreakers and non-jailbreakers both can stay safe from such attacks by following a few obvious but really important steps. Here are some things you can follow to keep yourself protected from such security breaches:
- Avoid installing tweaks from outside of Cydia
- Avoid adding unknown third-party repos in Cydia
- Do not pirate apps or tweaks
- Enable 2 Factor Authentication.
These are basic things, but keeping them in check can surely reduce the risks that come with jailbreaking. Subscribe to our newsletter and follow us on Facebook and Twitter; updates will be sent direct to your inbox.