Dutch hacker accesses jailbroken iPhones, apologizes

Running a jailbroken iPhone has its risks, as a young Dutch hacker has demonstrated. Specifically, he used a bit of port scanning to find jailbroken phones in the Netherlands that were running SSH. From there, he sent unsuspecting users a message that reads, “Your iPhone’s been hacked because it’s really insecure! Please visit and secure your iPhone right now! Right now, I can access all your files.”

The URL directs the users to PayPal and requests €5 in exchange for instructions that explain how to remove the hack. But how did he get in? By relying on users’ forgetfulness. All iPhones have a default root password. Those who forget to change it are vulnerable to exactly this kind of attack.

It appears the young hacker has had a change of heart on the money issue, and posted instructions for undoing what he did to several Dutch iPhone users. According to a commenter below, he has also apologized for asking for money and returned whatever ill-gotten gains he received from his stunt. However, that doesn’t mean someone else couldn’t pull the same trick and just not tell you about it. If you jailbreak and do things like leave an SSH daemon running, change the default passwords.

Source: Ars Technica