News
Hacker targets jailbroken iPhones in extortion ploy
By Charles Starrett
Senior Editor, iLounge
Published: Tuesday, November 3, 2009
News Category: iPhone
A Dutch hacker has used an exploit commonly left open when jailbreaking an iPhone or iPod touch to try and extort €5 from a number of T-Mobile Netherlands users. Ars Technica reports that the hacker used port scanning to identify jailbroken iPhones on the network that had SSH running. As many users who had activated SSH had not changed the default root password, the hacker was able to hack into the devices and send an alert that appeared on the screen like an incoming SMS message. The false alert read, “Your iPhone’s been hacked because it’s really insecure! Please visit doiop.com/iHacked and secure your iPhone right now! Right now, I can access all your files. This message won’t disappear until your iPhone’s secure.”
A visit to the website mentioned in the alert prompts the user to send €5 to a PayPal account, after which time the hacker will send the user an email with instructions to remove the hack. Ars notes that the hacker doesn’t appear to have malicious intent, as he/she states on the page mentioned in the alert that,” If you don’t pay, it’s fine by me. But remember, the way I got access to your iPhone can be used by thousands of others—they can send text messages from your number (like I did), use it to call or record your calls, and actually whatever they want, even use it for their hacking activities! I can assure you, I have no intention of harming you or whatever, but, some hackers do! It’s just my advice to secure your phone.” Apple has often mentioned security issues as a reason why it is opposed to users jailbreaking their devices.
Related Stories
- AT&T doubles upgrade fee to $36
- Apple sues Motorola in U.S. over Qualcomm patents
- Apple airs new Siri-focused iPhone 4S ads
- Apple asks European standards body to set Frand rules
- iPhone accounts for 40% of new Sprint customers in Q4 2011
- Key iPhone, iPod executive left Apple last year
Comments
If you have a comment, news tip, advertising inquiry, or coverage request, a question about iPods/iPhones/iPad or accessories, or if you sell or market iPod/iPhone/iPad products or services, read iLounge's Comments + Questions policies before posting, and fully identify yourself if you do. We will delete comments containing advertising, astroturfing, trolling, personal attacks, offensive language, or other objectionable content, then ban and/or publicly identify violators.
Recent News
- Apple exec Cue accepts Grammy honoring Steve Jobs
- ThinkGeek intros iCade 8-bitty game controller
- Apple requests audits of Foxconn by FLA
- Apple sues Samsung, seeks to block Galaxy Nexus in U.S.
- AT&T doubles upgrade fee to $36
- Apple TV supplies constrained, hint at new model?
- 16GB iPad 2 sees deep discount ahead of new model
- Apple sues Motorola in U.S. over Qualcomm patents
- iLounge Weekly coming early Monday, giveaway reminder
- iBackFlip launches Somersault case for iPad
Recent Reviews
- Cygnett Apollo for iPhone 4/4S
- Case-Mate Pop! ID for iPhone 4/4S
- Case-Mate Pop! for iPhone 4/4S
- Case-Mate Pop! With Stand for iPhone 4/4S
- Solid Line Products RightShift 2 Removable Keyboard Case for iPad 2
- Spigen SGP Kuel F60Q Battery Pack
- Just Mobile Highway + Highway Pro for iPod, iPhone + iPad
- Speck CandyShell and CandyShell Satin for iPhone 4/4S
- Jensen JiPS-310i Docking Speaker for iPod, iPhone & iPad
- FrappeDesign Smart Sleeve for iPad 2
Recent Articles
- iOS Gems: Adventures of Tintin, Reckless Racing 2 + Scramble With Friends
- Ask iLounge 2-3-12
- Making The Case For - And Against - An Apple iTV Television
- Instant Expert: iTunes U for iPad, iPhone and iPod touch
- Instant Expert: Secrets & Features of iBooks 2.0
- iLounge’s 2012 CES Best of Show Awards: Honorable Mentions
- iLounge’s 2012 CES Best of Show Awards: iPod, iPhone, iPad + Mac
- iOS Gems: Bug Princess, Dora Hops Into Phonics, It’s A Small World, Sleepy Jack + X Is For X-Ray
- The Complete Guide to Managing iTunes Videos
- Editorial: As CES Grows, Will Microsoft’s Loss Be Apple’s Gain?
1
This is exactly the scenario I envisioned when the first jailbreaks took place. Just imagine a hacker getting hold of your iPhone and keeping a connection open to some 1-900 number in Thailand (or if you are in Thailand, the US) all night long for any number of nights. You would end up with an enormous bill and I doubt there is thing one you would be able to do to avoid paying the charges.
Posted by Just Me on November 3, 2009 at 11:05 AM (PDT)
2
that’s exactly what I thought gonna happen! I’m woundering what other information can be retrieved from a jail broken iPPhone, ... contacts, passwords to ATT accounts, SS if saved, cotnacts can be used to send txt msg advertisement out,... or other….!
that’s the risk some of you guys take. I had mine jail broken for 1-2 weeks and then removed it completly because I saw security
Posted by dennis on November 3, 2009 at 1:59 PM (PDT)
3
What about just turning of SSH? It’s not that hard to do and would mitigate the risk of JB your iPhone. Right?
Posted by ender on November 3, 2009 at 2:44 PM (PDT)
4
good choice but what about all the other functions that could be used to exploit user data? ... how do we know that if we install an apps on our hacked iphone and during the actual install other data will be send out to the developer who then could use this information to do wrong….
Posted by dennis on November 3, 2009 at 6:17 PM (PDT)
5
This are the consequences by jailbreaking your iPhone or iPod Touch…
Posted by Hansel Jr on November 3, 2009 at 11:16 PM (PDT)
6
Jailbreak, is one thing, but be soooo stupid so you don’t change default password well that is a real security concern.
Peoples just don’t understand this, use strong passwords, and use differents passwords depending the level of thrustness of the service you are registering with.
Just use your brain, and what if you portscan yourself to see if something is opened!!
I believe its not that hard….. a 10yo could figure
Posted by Math on November 4, 2009 at 9:02 AM (PDT)