New iOS Hack Warning Issued To iPhone Users

Posted Posted by Admin in News     Comments Comments Off on New iOS Hack Warning Issued To iPhone Users
Oct
16

Users of older versions of Apple’s iPhone are being warned against jailbreaking their device after Cisco Talos security researchers discovered a new targeted click fraud campaign.

Capitalising on the recently disclosed “checkra1n”, the malicious campaign leverages a fake website that claims to give iPhone users the ability to jailbreak their phones. Instead, the fake website, checkrain[.]com, prompts people to download a malicious profile and consequently fall victim to click fraud.

The real checkra1n, developed by security researcher axi0mX, uses the recently discovered unfixable checkm8 vulnerability to modify the bootrom and load a jailbroken image onto the iPhone. 

The checkm8 vulnerability impacts all legacy models of the iPhone from the 4S through to the X. 

How the fake checkra1n campaign works

At a glance, the fake checkra1n site looks legit, even using names of well-known researchers such as Google Project Zero’s Ian Beer and CoolStar. But it contains some giveaways that indicate it’s fake. For example, although the checkm8 exploit and the checkra1n jailbreak only impacts iOS devices running on the A5 to A11 chipsets, the fake website mentions the A13. 

Any user visiting the fake website is asked to install a “mobileconfig” profile on their iOS device. Once the app is downloaded and installed, a checkrain icon appears on the user’s iOS springboard. “The icon is in fact a kind of bookmark to connect on a URL,” said Cisco Talos researchers Warren Mercer and Paul Rascagneres. “This icon may look like an app from the user’s perspective, but it actually doesn’t work like one at all on the system level.”

They explained: “It is to allow the user to “click” the jailbreak app and thus prepare the iOS jailbreak. This is just a fake jailbreak being used via the profile the user just installed.”

At the end of the process, a user will notice multiple redirects occurring on their iOS device. “This ultimately occurs in click-fraud, resulting in multiple verification chains and then finishing on an iOS game install, with in-app purchases available,” the researchers added. 

Then the user is told to “have fun” for seven days to ensure their unlock completes.

“This is obviously nonsense—the user will merely provide more interactive sessions through the gameplay, which may result in additional revenue for this attacker,” the researchers said. 

The researchers found that most victims of the fake website were based in the U.S. and that the U.S., U.K., France, Nigeria, Iraq, Vietnam, Venezuela, Egypt, Georgia, Australia, Canada, Turkey, Netherlands and Italy were targeted by this campaign.

Checkra1n and the case against jailbreaking 

Jail breaking–a practice that allows people to work around Apple’s operating system controls–is used legitimately by researchers and users, but it can leave your phone open to attack. “An attacker could jailbreak a device for malicious purposes, eventually obtaining full control of the device,” Mercer and Rascagneres warned.

Yet because jailbreaks are so rare, they can be extremely attractive to users wanting to customise their iOS device. It’s a major security risk because it also means you can end up on an old and vulnerable version of iOS to avoid Apple’s patches. 

“When attempting to root a device there will always be an element of risk,” says security researcher Sean Wright. “However, now that risk seems to have expanded to include fraud.”

In this scenario the risk is pretty benign: simply generating revenue for the attacker, says Wright. “However, it could possibly lead to more malicious outcomes down the line.”

For example, says Wright, attackers could gain the ability do things such as steal personal data from the device. 

What to do

First and foremost, it’s integral that you don’t download random profiles from the internet. “Don’t install configuration profiles from an unknown website as these allow the attacker to manage or change settings on your device and even take control,” ethical hacker John Opdenakker warns. 

Security researchers might need to jailbreak their phones, but they will usually know what they are doing. Unless you are absolutely confident, it’s a better idea to just leave your iPhone alone.

“Unless you absolutely require jailbreaking your phone, I’d highly recommend against doing so,” says Wright. “If you have to jailbreak, do your homework to make sure you are downloading the correct payload and following the right instructions.”

Comments are closed.

Unlock Any iPhones including iPhone 6S Plus,6S,6,5S,5C 5 4s 4 3gs 3g 2g

Permanent unlock any iphone with any IOS very Fast and Cheap Visit HERE
Share |

eXTReMe Tracker