According to ZDNet, threat actors are building on the hype around the recently announced Checkm8 iOS jailbreak in order to exploit and trick users into installing unwanted iOS apps on their devices. The major concern is that jailbreaking gives hackers the ability to break iOS devices and then strip them of the restrictions Apple has placed on them, as Wired has reported.
To discuss the implications, OneSpan’s Senior Product Marketing Manager, Sam Bakken, spoke with Digital Journal.
According to Bakken: “The jailbreak community is eagerly awaiting the release of checkra1n, a jailbreak tool that leverages the checkm8 vulnerability recently discovered in some older Apple devices’ chipsets.”
The risks relate to how hackers might use this weakness, as Bakken notes: “Adversaries are very smart about monitoring social media and current events and developing schemes to use news as fuel for fraud.” With this he draws parallels with another vulnerability detected last year: “Similar to attackers capitalizing on people’s excitement surrounding Fortnite for Android this time last year by tricking users into thinking they were gaining early access but instead installing malware, adware and spyware on their Android devices, so attackers are now targeting the jailbreak community specifically.”
In terms of how the attack might happen, Bakken advises that a fake platform “promises to jailbreak an iOS device and displays a number of animated graphics to convince the user that their device is in the process of being jailbroken when in fact it is not at all.”
And as to what this means, Bakken says: “The purpose is to get a user to install a malicious profile on their device that can be leveraged to conduct click fraud and line an attacker’s pockets with ad revenue.”
In terms of what users of Apple products should do, Bakken notes that most people who use Apple products “should steer clear of jailbreaking their devices because it de-activates a number of standard security controls that keep them safe.”
He also advises that people who have iOS-equipped devices should “not install profiles from websites or really anywhere unless a trusted member of their IT team is guiding them.”
He additionally calls upon those who develop apps to understand that “iOS is just as vulnerable as Android, and they need to take steps to fortify both their iOS and Android apps and users against threats such as these.”
Bakken further recommends that people should institute jailbreak detection in their apps. Furthermore, people need to “implement in-app protection and app shielding capabilities that monitor their apps during runtime to identify and shut down any potentially harmful activities.”
