A Dutch hacker used a port scanning to identify jailbroken iPhones on T-Mobile Netherlands with SSH running.Jailbroken user’s commonly use SSH to run standard UNIX commands on their iPhone. However, due to the way it’s set up all iPhones have the same default root password that most people don’t change. This means if a user knows a iPhone is close running SSH they can access all of the files on the device.
The Dutch hacker used the unchanged root passwords to hack into the phones, he then sent a SMS alert to the phones that read, ” You iPhone’s been hacked because it’s really insecure! Please visit doiop.com/iHacked and secure your iPhone right now! Right now, I can access all your files.” Once going to the website it directs the user to send €5 to a PayPal account, after which the hacker will e-mail instructions to remove the hack—which most likely involve restoring the iPhone to factory settings.
To stop this from happening to you read the article on How To: Change Your iPhone’s SSH Password.