iOS Jailbreak Backdoor Tweak Compromised 220,000 iCloud Accounts

Posted on

The recent security breach on iOS platform left 220,000 iCloud user accounts vulnerable due to a backdoor privacy attack caused by the installation of a malicious jailbreak tweak, according to an online Chinese vulnerability-reporting platform WooYun.

Yes, 220,000 is a huge number considering it happened to iOS, one of the most popular mobile operating system that is designed by Apple. But don’t get too frightened because this security flaw has nothing to do with Apple’s security and happened after a jailbreak attempt.

iOS Jailbreak Backdoor Tweak Compromised 220,000 iCloud Accounts
iOS Jailbreak Backdoor Tweak Compromised 220,000 iCloud Accounts

WooYun is a Chinese platform that reports on user submitted security flaws discovered by the researchers in an attempt to provide feedbacks to relevant vendors. So it is, in fact, a reliable website.

According to the post on their website, they have outlined the details about this backdoor attack that breached 220,000 iCloud accounts because of the installation of a malicious jailbreak tweak. In the page, they have also mentioned that the notification about the security flaw has already been issued to the appropriate vendors –apparently Apple.

Below is the (slightly broken) translated version of the report.

wooyun

What should make the iCloud users worried is that if your account credentials are breached then it is surely going to have a negative impact as the leaked credentials grant an easy access to your personal information stored in the iCloud including all your photos and contacts.

Now you must be wondering that what the reason behind the flaw is. One of a Reddit user, self.jailbreak created a dedicated post about the issue where he outlined that the security breach affected the users in a specific region only and had abounded reach.

“THIS WAS ANNOUNCED BY A CHINA SECURITY WEBSITE WOOYUN (IT MEANS BLACK CLOUD IN CHINESE BASED ON SOUND) EARLIER ON THEIR WEIBO, AND IT IS BASICALLY TELLING THAT THERE ARE SOME SHADY TWEAKS THAT HAVE BACK-DOORS IS STEALING JAILBREAK USER’S ICLOUD ACCOUNT AND PASSWORD TO A REMOTE SERVER, WHICH SO FAR THERE ARE ROUGHLY 220 THOUSAND ACCOUNTS HAS BEEN LEAKED. THEY HAVEN’T ANNOUNCE THAT WHO STOLE IT AND WHAT FOR, BUT AS FAR AS WE KNOW THAT, IF THEY HACK INTO OUR ICLOUD ACCOUNTS, THEY CAN HAVE ACCESS TO OUR MAILS, PHOTOS OR EVEN PRIVATE STUFF.”

So considering how privacy conscious the iOS jailbreak community is and the tweaks and plug-ins released by them is secure, which makes it highly unlikely that a malicious jailbreak tweak would affect such a huge number of users, and that too by the installation of a single tweak or plug-in.

Here is the proof of the leaked iCloud account data, but apart from this picture, there is nothing else has been surfaced on the Internet yet!

zheng

One of the related Reddit users posted a valuable comment on the post that says:

“IN ASIAN COUNTRIES, IT IS VERY COMMON FOR PEOPLE TO BUY PHONES, NEW OR USED, FROM TECHNOLOGY MARKETS. AT THOSE MARKETS ARE LOTS OF COMPETING STALLS SELLING PHONES, AND JAILBREAKING YOUR PHONE AND SELLING IT TO YOU PREINSTALLED WITH LOTS OF JAILBROKEN / PIRATED APPS IS PART OF THEIR SERVICE.

THAT IS PART OF WHY JAILBREAKING / PANGU IS SO POPULAR IN ASIA / CHINA. THERE ARE ENTIRE MARKETS OF CHINESE-ONLY PROGRAMS AND APPS THAT WE ARE NOT REALLY EXPOSED TO HERE ON THIS ENGLISH- / WESTERN-DOMINATED SUBREDDIT.

ANYWAY, MY POINT IS THAT IF ONE OF THESE “SHADY” APPS IS SOMETHING THAT WAS SOMEWHAT COMMON FOR THESE 3RD-PARTY SELLERS TO INSTALL, THEN THIS STAT WOULDN’T BE THAT SURPRISING. IT DOESN’T TAKE 220,000 PEOPLE WITH PERSONAL TECH KNOW-HOW TO JAILBREAK AND DOWNLOAD A TWEAK: IT JUST TAKES 220,000 PEOPLE BUYING FROM A FEW HUNDRED / THOUSAND TECHNOLOGY BOUTIQUE SHOPS THAT PRELOAD THE SOFTWARE.”

He did raise a valuable point here that it seems like this attack is caused by the installation of malicious tweaks and plug-ins by the third-party sellers, and then the users used those infected devices resulting in a breach of their accounts.

HOW CAN YOU PROTECT YOUR ICLOUD ACCOUNT?

We all know that jailbreaking your iOS device makes it vulnerable to malicious attacks resulting in an increased risk. To protect yourself from these malicious attacks, it is recommended you to take the following precautionary steps:

Tip #1 – Enable two-factor authentication on your iCloud account.

Tip #2 – Don’t download tweaks from any untrusted or third party repository.

Tip #3 – Stay away from pirated apps or tweaks.

But still, even after following the above-mentioned tips you might be vulnerable to security threats because a jailbroken device is never secure!

Source:https://www.hackread.com

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s