JailBreakMe site rings security alarm for iPhone and iPad users

Filed Under: Apple, Apple Safari, iOS, Malware, Mobile, Vulnerability

JailbreakMeA website that makes it child's play for iPad and iPhone owners to jailbreak their devices raises important security concerns.

The site, jailbreakme.com, exploits an iOS vulnerability to run unauthorised code on Apple customers' iPhones and iPads, including the new iPad 2. In this way they allow users to unlock their devices, and run programs that have not been approved by the official AppStore.

Usually jailbreaking requires users to connect their device to a computer before they can start to tamper with the set-up of their iPhone or iPad and gain access to the Cydia underground app store.

Sites like JailBreakMe make the process much simpler.

But if visiting the JailBreakMe website with Safari can cause a security vulnerability to run the site's code, just imagine how someone with more nefarious intentions could also abuse the vulnerability to install malicious code on your iPad or iPhone.

Jailbreak screenIf they exploited the same vulnerability in a copy-cat manoeuvre, cybercriminals could create booby-trapped webpages that could - if visited by an unsuspecting iPhone, iPod Touch or iPad owner - run code on visiting devices.

A website like JailBreakMe is making it easy to jailbreak your iPhone or iPad - but it could also be said to be giving a blueprint to malicious hackers on how to infect such devices with malware.

I don't want to be a party pooper for those who wish to jailbreak their Apple devices, but it's essential that Apple closes this vulnerability as quickly as possible.. before it is abused with malicious intent.

Interestingly, "Comex", the creator of the JailBreakMe website seems to recognise that hackers might copy the exploit to use in the form of an iPad or iPhone virus. However, he attempts to deflect any responsibility in his FAQ:

iPad and iPhone

"I did not create the vulnerabilities, only discover them. Releasing an exploit demonstrates the flaw, making it easier for others to use it for malice, but they have long been present and exploitable. Although releasing a jailbreak is certainly not the usual way to report a vulnerability, it still has the effect of making iOS more secure in the long run."

Apple will be furious that this vulnerability has been made public in this way, and that they have not yet got an official patch to protect their millions of users.

Sophos's experts have added detection of the exploit code as Troj/PDFEx-ES, but as Apple does not allow anti-virus software to be listed in the official iPhone AppStore there is no on-device protection available for users.

This isn't the first time that JailBreakMe has made it simple to jailbreak your iPhone, and taken advantage of a vulnerability to run their code. Something similar happened last year and forced Apple to issue a security patch.

All eyes now turn to Apple to see how quickly it can secure its users from this new potential vector for iPhone/iPad malware infection. Leaving a security hole like this open is simply inviting malicious hackers to exploit it.

, , , , , , ,

You might like

11 Responses to JailBreakMe site rings security alarm for iPhone and iPad users

  1. Wasn't that PDF vulnerability supposed to be fixed in a previous iOS update ?!?!

    • cole · 1207 days ago

      im fairly certain this is a different vulnerability. PDF readers seem particularly hard to free of glitches and holes for some reason...

      • DavidRa · 1205 days ago

        Part of the reason that PDF readers are hard to write securely is that Postscript (which makes up the majority of the internals) is actually its own executable language.

        This means the PDF reader has to have a complete Postscript interpreter which is used to "run" the document (rather than just showing it like you would a text file). In effect therefore - PDFs should be considered programs rather than documents.

  2. shaggy · 1207 days ago

    The best solution at this time to defend against this vuln is to jailbreak, then install the pdfpatch 2 from Cydia to close the hole on your IOS device.

  3. I think pdf vulnerability can be fixed by installing pdf fix app from cydia after jailbreaking so that device can be secured from any further exploits.

  4. Branden · 1206 days ago

    "If they exploited the same vulnerability in a copy-cat maneuver, cybercriminals could create booby-trapped webpages that could -- if visited by an unsuspecting iPhone, iPod Touch or iPad owner -- run code on visiting devices,"

    True but if you run the exploit yourself to jail break your device it actually patches the vulnerability.

  5. Brittany · 1206 days ago

    I really wonder....is it worth it to jailbreak an iPod/iPhone/iPad?

  6. coma nurse · 1206 days ago

    Eh, the Jailbreakme site has been operating as described for a full year now. The only thing that's changed is that the exploit has been updated.

    • ron · 1201 days ago

      not really. jailbreakme only worked on an earlier version of iOS that has a pdf vulnerability. this version only works on 4.3. visit with other iOSes and nothing happens.

  7. Mitrian · 1201 days ago

    It's ironic that the best way to secure your iPhone/iPad right now is to Jailbreak it. But the commenters above are correct -- currently the only known patch for this PDF exploit is the patch available from Cydia, which you can only install if you're jailbroken.

    Also interesting is that this vulnerability was first discovered and published by "comex" and/or "geohot" a few days prior to the release of the iPad 2. So Apple can't really be all that furious... they've had about four months to close the vulnerability themselves.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.