iPhone Jailbreak Fraud Attack – Immediate Implications

By   ISBuzz Team
Writer , Information Security Buzz | Oct 16, 2019 05:28 am PST

A malicious website posing as checkrain[.]com was launched by hackers this week, which poses as the real site that researchers are building to modify and jailbreak iPhones. The fake site instead launches a hacking tool that tries to take over affected devices.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Sam Bakken
Sam Bakken , Senior Product Marketing Manager
October 16, 2019 1:35 pm

The jailbreak community is eagerly awaiting the release of checkra1n and adversaries are very smart about monitoring social media and current events and developing schemes to use news as fuel for fraud. Similar to attackers capitalizing on people\’s excitement surrounding Fortnite for Android this time last year by tricking users into thinking they were gaining early access but instead installing malware, adware and spyware on their Android devices — attackers are now targeting the jailbreak community specifically. This bogus website promises to jailbreak an iOS device and displays a number of animated graphics to convince the user that their device is in the process of being jailbroken when in fact it is not at all.

First of all, general iOS users should steer clear of jailbreaking their devices because it de-activates a number of standard security controls that keep them safe. Second, general iOS users should not install profiles from websites or really anywhere unless a trusted member of their IT team is guiding them.

App developers and publishers should take away from this incident that iOS is just as vulnerable as Android, and they need to take steps to fortify both their iOS and Android apps and users against threats such as these. They should institute jailbreak detection in their apps and balance that with risk indicators that might result in them limiting the functionality of an app in certain situations. And, they should implement in-app protection and app shielding capabilities that monitor their apps during runtime to identify and shut down any potentially harmful activities.

Last edited 4 years ago by Sam Bakken

Recent Posts

Would love your thoughts, please comment.x