New iPhone Jailbreakme.com method allows for malicious phone access

If you haven’t heard by now, you probably don’t have an iPhone, but you can unlock your iDevice by visting http://www.jailbreakme.com. However, the exploit used to jailbreak iPhone, iPod and iPad devices is reportedly about to be turned against the hacking community, we’ve been told. Once the exploitation method is disclosed to the public, black hat hackers would be able to take advantage of it by setting up their own websites that could load malicious code onto your device. This is done through the jailbreakme PDF exploit. Under this method, it would be possible to steal your address book, text message database, or much worse. There is going to be a security solution soon though, as BGR has been informed that a plugin named PDF Loading Warner” has been created to combat this potential security risk. It works by hooking into the device system and will display a warning before a PDF can be displayed. If you install this plugin and navigate to a website that should not be showing a PDF and get this warning, you are able to click “Cancel”, blocking the PDF from loading and subsequently stealing your data. It should be available from Cydia in the next day or two we hear, but more experienced users can grab the .deb file from the link below here and install it manually via SSH or iFile if they wish.

Note: This does not patch the exploit, but it will at least give you a bit of control.

Read [Direct Link]

blog comments powered by Disqus