Hackers launched a malicious website posing as checkrain[.]com this week. It imitates the real site that researchers are building to modify and jailbreak iPhones, but instead launches a hacking tool that tries to take over affected devices.
The jailbreak community is eagerly awaiting the release of checkra1n, and adversaries are very smart about monitoring social media and current events and developing schemes that use news as fuel for fraud. This time last year, attackers capitalized on people's excitement surrounding Fortnite for Android by tricking users into thinking they were gaining early access while instead installing malware, adware and spyware on their Android devices. Attackers are now targeting the jailbreak community specifically. This bogus website promises to jailbreak an iOS device and displays a number of animated graphics to convince the user that their device is in the process of being jailbroken when in fact it is not.
First of all, general iOS users should steer clear of jailbreaking their devices because it deactivates a number of standard security controls that keep them safe. Second, general iOS users should not install profiles from websites, or really from anywhere, unless a trusted member of their IT team is guiding them.
App developers and publishers should take away from this incident that iOS is just as vulnerable as Android, and that they need to take steps to fortify both their iOS and Android apps and users against threats such as these. They should institute jailbreak detection in their apps and balance that with risk indicators that might result in them limiting the functionality of an app in certain situations. They should also implement in-app protection and app shielding capabilities that monitor their apps during runtime to identify and shut down any potentially harmful activities.
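
One way to combine jailbreak detection with risk indicators as described above, written in Swift as an added example (not code from this article or from any vendor). The artifact paths are commonly cited jailbreak indicators rather than values from the article; `RiskContext`, the scoring and the `AccessTier` names are hypothetical.

```swift
import Foundation

// Added example. Artifact paths are commonly cited jailbreak indicators,
// not values from this article; the scoring and tiers are assumptions.
enum AccessTier { case full, limited, blocked }

struct RiskContext {            // hypothetical per-request risk indicators
    let highValueAction: Bool   // e.g. payment or credential change
    let newDevice: Bool         // account not seen on this device before
}

struct JailbreakSignals {
    let artifactFound: Bool     // weak signal: a known file exists
    let sandboxEscaped: Bool    // strong signal: write outside the container worked
    var score: Int { (artifactFound ? 1 : 0) + (sandboxEscaped ? 2 : 0) }
}

func collectSignals(fileManager: FileManager = .default) -> JailbreakSignals {
    #if targetEnvironment(simulator)
    // The simulator exposes the host file system, so the checks are meaningless there.
    return JailbreakSignals(artifactFound: false, sandboxEscaped: false)
    #else
    let artifacts = [
        "/Applications/Cydia.app",
        "/Library/MobileSubstrate/MobileSubstrate.dylib",
        "/usr/sbin/sshd",
        "/etc/apt",
    ]
    let artifactFound = artifacts.contains { fileManager.fileExists(atPath: $0) }

    // A sandboxed app cannot write under /private; success means the sandbox is not enforced.
    let probe = "/private/jb_probe_\(UUID().uuidString)"
    var escaped = false
    if (try? "x".write(toFile: probe, atomically: true, encoding: .utf8)) != nil {
        try? fileManager.removeItem(atPath: probe)
        escaped = true
    }
    return JailbreakSignals(artifactFound: artifactFound, sandboxEscaped: escaped)
    #endif
}

// Balance detection against context: degrade functionality instead of always blocking.
func decideTier(signals: JailbreakSignals, context: RiskContext) -> AccessTier {
    switch signals.score {
    case 0:  return .full
    case 1:  return (context.highValueAction || context.newDevice) ? .limited : .full
    default: return context.highValueAction ? .blocked : .limited
    }
}
```

Checks that run on the device can be hooked or patched out on a compromised phone, so the result is best treated as one input to a decision that the server enforces.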