Apple's iPhone is rather popular for a few reasons, and one of those is 'jailbreaking'; that is, freeing your device from Apple's limitations and installing any software desired. However, it's not all good news, as a hacker has recently broken into some phones and demanded a ransom.
The hacker broke into a few unwary Dutch iPhone users' phones, after they made the mistake of leaving their SSH password default, as initially discovered in this thread (in Dutch). According to Ars Technica, the hacker then sent SMS messages from the phones in question stating, "You iPhone's been hacked because it's really insecure! Please visit doiop.com/iHacked [link seems to have been taken down now] and secure your iPhone right now! Right now, I can access all your files." Of course, once you visit the aforementioned site, the hacker asks for a reward of €5 to be sent to a PayPal address in order for him to leave the victim alone. The hacker went on to state, "If you don't pay, it's fine by me, but remember, the way I got access to your iPhone can be used by thousands of others—they can send text messages from your number (like I did), use it to call or record your calls, and actually whatever they want, even use it for their hacking activities! I can assure you, I have no intention of harming you or whatever, but, some hackers do! It's just my advice to secure your phone."
This shows how careful you have to be when messing around with things such as this; a simple slip of the memory can lead to something far more sinister. Though the hacker seems to be pretty unfocused on removing or destroying data, others might not be so forgiving.
To clarify this issue a bit further, for your iPhone to be in any danger you'd have to meet the following criteria:
- Your device must have been jailbroken.
- The device must have an SSH application installed (OpenSSH, for example).
- SSH must be enabled for this to work, and the password left as default.
Image Credit: Gizmodo
71 Comments - Add comment