One Dutch hacker managed to find and hack into jailbroken iPhones, though it seems the hacker was more interested in a few euros than malicious ends. However, the incident is another reminder that users of jailbroken iPhones need to be more vigilant about security.

Though jailbreaking an iPhone certainly opens up opportunities to add functionality that Apple doesn't approve of, it can also make an iPhone less secure. Several Dutch iPhone users found that out the hard way after a hacker attacked a number of vulnerable phones on T-mobile Netherlands and tried to extort €5 from them: http://gathering.tweakers.net/forum/list_messages/1376420/0

It appears one enterprising Dutch hacker used port scanning to identify jailbroken iPhones on T-mobile Netherlands with SSH running. Enabling SSH is a common procedure for jailbroken iPhones, allowing a user to log in via Terminal and run standard UNIX commands. Unfortunately, iPhones all have a default root password that many forget to change after jailbreaking, leaving their phone as vulnerable as a Lamborghini parked on a public street with the windows down, the doors unlocked, and the keys in the ignition.

The hacker relied on unchanged root passwords to hack into the phones. He then sent what appears to be an SMS alert to the hacked phones that read, "You iPhone's been hacked because it's really insecure! Please visit doiop.com/iHacked and secure your iPhone right now! Right now, I can access all your files." Going to the website directs the user to send €5 to a PayPal account, after which the hacker will e-mail instructions to remove the hack—which most likely involve restoring the iPhone to factory settings.

The hacker doesn't appear to have malicious intent, other than to glean some extra cash. "If you don't pay, it's fine by me," reads the page mentioned in the message to the hacked iPhone owners. "But remember, the way I got access to your iPhone can be used by thousands of others—they can send text messages from your number (like I did), use it to call or record your calls, and actually whatever they want, even use it for their hacking activities! I can assure you, I have no intention of harming you or whatever, but, some hackers do! It's just my advice to secure your phone."

An SCF reader familiar with computer security let us know that security researchers have done similar port scanning in the past, and downloaded users' SMS databases as a "proof of concept." However, this is the first time that it seems the technique has been used in the wild. It's worth noting that the technique is fairly trivial and could be done by anyone with even a modicum of networking know-how.

The incident highlights the fact that jailbreaking removes the security mechanisms that Apple has in place for the iPhone OS—which are as much about securing the device against hackers as they are about preventing "unauthorized" applications. If you do jailbreak, then the onus of security is on you, so be sure to change the root password to something other than the default. You can also disable the SSH daemon when not in use to prevent this particular attack from happening to you.

(ARS Tehnica)