Data-stealing Hack Targets Jailbroken iPhones

Once more into the breach, my iPhone-wielding compatriots. On Monday, we heard about the iPhone vulnerability that allowed dastardly hackers to

on some jailbroken devices. Now, security firm Intego reports that the same loophole can allow hackers to do far worse.

As you may recall from the earlier story, the vulnerability here affects only jailbroken iPhones in which the password for the 'root' superuser has not been changed from its default. Only this time, instead of just changing your wallpaper to that of a boyishly-handsome '80s pop star, the new risk can give the hacker access to all of your data, including e-mail messages, contact info, SMS messages, calendars, photos, music, video, and info from third-party apps. And, like a ninja, it does so under the cover of darkness, never revealing that it's even been there.

Intego's calling the exploit iPhone/Privacy.A and describes it as a tool that can be run on a computer or another iPhone to scan a wireless network, locate vulnerable jailbroken iPhones, and pump them for information. However, it also admits that the number of iPhones that may actually be attacked by these means is likely to be minimal.

As with the previous exploit, this hack does not work on standard, non-jailbroken iPhones. So, if you must jailbreak your device, for whatever reason, there is one clear recourse: change your root password.

Shop ▾
arrow up Amazon Shop buttons are programmatically attached to all reviews, regardless of products' final review scores. Our parent company, IDG, receives advertisement revenue for shopping activity generated by the links. Because the buttons are attached programmatically, they should not be interpreted as editorial endorsements.

Subscribe to the Security Watch Newsletter

Comments