By Chris Scott Barr

There are a number of reasons why a person might want to jailbreak their iPhone. This list includes data tethering, using it on another carrier and running unauthorized apps. Of course if you aren’t careful, you could leave your device vulnerable to a rather simple attack. Recently a number of people discovered a rather troubling message on their jailbroken phones, informing them that they had indeed been hacked.

The message, seen to the right, was left on a number of people’s phones with a link to the hacker’s website. Originally the hacker was asking for €5 in exchange for a fix, though he has now simply posted the fix on his site. So how did he pull it off? It’s simple really.

He used port scanning on the T-Mobile network (in the Netherlands) to find iPhones running SSH. This is something generally necessary when jailbreaking an iPhone. Armed with the knowledge that many people don’t bother changing the default password, he was able to gain access to a number of phones. He then changed the wallpaper to make it look as though there was an SMS alert being displayed.

It’s good that the hacker changed his tune and made the fix available for free. It does bring up a very, very valuable point. Regardless of what we’re talking about, be it desktop, phone or server; change the root password!

[ mr09 ] VIA [ Ars ]