The Lookout Blog

Jailbroken iPhone? Dont get hacked!

If you own an iPhone, this one’s for you.

Recently a Dutch hacker took control of iPhones in the Netherlands, forcing them to display the screen you see at the right of this post, notifying users that he would remove the screen and fix the problem, for a small ransom of 5 Euro. So how did he do it?

You’ve possibly heard the terms ‘jailbreak’, ‘jailbroken’ and more when referring to the iPhone before. For those who are unfamiliar, ‘Jailbreak’ refers to unlocking key parts of the phone that prevent you from making modifications to the iPhone’s operating system, features, files, or installing software not approved by Apple. The allure of doing so is often for adding in 3rd party software not supported or approved by apple, customizing your phone’s look, themes, actions, and more. But often times jailbreaking comes with risk, unknown to the non-security conscious user. Most jailbroken phones have various forms of remote access for moving or uploading files to the phone, etc. The problem lies in the fact that the phone’s ‘root’ account (think of it like your ‘Administrator’ account on your Windows PC or Mac) is enabled and has a default password that is the same across all jailbroken devices. If an attacker is to gain access to this account, they have full control of your device, to upload what they want, modify the phone how they want and more. The hacker scanned dutch networks and found devices with this default account enabled, & took control of this very hole, which enabled him to command these devices how he chose.

While this hacker only wanted a donation to fix the hole and nothing more (and has now since stopped asking for money and started volunteering to help users fix the issue) it could have been worse.  If you have or own a jailbroken iPhone or iPod Touch, SSH into your device, and use the ‘passwd’ command to change your root password right away.

If you’re unsure how to do this, the easiest way is as follows:

1. Download ‘Mobile Terminal’ in the Cydia app on your Jailbroken device.

2. Open the Terminal app, and type in “su root” and hit enter, & provide the root password. The default password as provided by apple is “alpine”.

3. Type in “passwd” and hit enter, and then type in your new password twice (if you cant see the letters you’re typing in on the screen, that’s because they are hidden for security).

4. You should also change the password for the “mobile” (default) user as well. Type in “passwd mobile” and hit enter, and type in a new password twice, as you did above.

5. Close mobile terminal, and you should be all set!

Questions? Comments? leave em here, or feel free to send us a reply to @flexilis on Twitter, or by dropping us a line by email, at support.at.flexilis.com