AdBlocking On iPhone Causing Apps To Stop Working

Developers of apps on the App Store worked out a way of stopping users from running cracked apps on their device but now the developer of the LockDown app on the Cydia store has stopped the application from running, if you’re blocking AdMob ad’s on the iPhone. Using the app AdMob BeGone on the device stops the app from running and requires you to remove it before it will work again.

It makes sense as LockDown is a free app from Cydia and so they rely on donations and Ad’s but will this be the beginning of all app’s doing this, or just a select few like cracked apps?


Second iPhone Worm Used For Malicious Purposes

There has been news today of yet another iPhone worm that affects users who have unsecured SSH installed on their device.

Security Company, F-Secure, has unearthed this latest worm for the iPhone which targets people in the Netherlands, as it did before with the first exploit of unsecured SSH. It targets users who use their iPhone to online bank with ING. Much like a phishing attack, it redirects the bank’s users to a look-a-like website with a log-in screen.

The worm only affects jailbroken devices as before, and only devices with SSH that has the default password are affected. This latest worm is more serious than the ones prior, as they were created to warn people, that things such as this could happen. The security company, F-Secure, have also said that it can behave like a botnet and send itself to other un-secure devices on a local WiFi network.

The phone can be controlled by the hacker remotely without the knowledge or permission of the user. Hackers can ring people, text people, copy your contacts or what ever they wish with your device if it’s left open. At the moment it’s only spreading around the Netherlands, but soon enough malicious hackers will most likely take advantage of the users who don’t change the default password.

A spokesperson for ING Bank said that a warning was going to be put on the bank’s official website.

“We are also briefing call centre personnel,” she added. “It’s important to remember that the worm only affects jail-broken phones and it is only aimed at customers in the Netherlands.”

If your device is jailbroken and you believe SSH maybe, or is installed then please read this guide to secure your device. Many other guides will not fully protect you as they only change the mobile user password and not the root.

If you wish to read more from F-Secure on this issue click here.

Related:

How To: Change Your iPhone’s SSH Password
Dutch Hacker Hack’s Into Jailbroken iPhone’s
iPhone Worm Rickrolls Jailbroken Devices

iDashboard 1.0 for iPhone Released

iDashboard v1.0 has been released by WyndWarrior, it’s an iPhone utility which mimics the widget functionality of Mac OS X.

A multi page dashboard for your iPhone! Features a world clock, a calendar, a weather widget, a working calculator, lockscreen dashboard, and double-tap Dashboard. Also will have available widget packs for download in Cydia. Customization features include: wall-papers with auto-dim and the ability to change wallpapers through the photo app.

iDashboard

Steven Troughton-Smith is developing a similar application, which is not yet released.

iPhone Worm Rickrolls Jailbroken Devices

Over the past week there has been a lot of news over unsecured SSH on iPhone. First about the Dutch hacker who wasscanning the network for jailbroken users who had not changed their default SSH password. Now a hacker who goes by the name of “ikee” from Australia, created a worm that changes the home screen background to Rick Astley.

As I’m sure your aware by now this only affects users who have jailbroken their phone and installed OpenSSH, not just general users or who have jailbroken their device. If you have jailbroken your device and have got OpenSSH installed please read this guide on how to change your default password to ensure none of these worms or hacks will affect you.

Rickroll iPhone Worm

ikee says this is how the worm spread: “The code itself is set to firstly scan the 3G IP range the phone is on, then Optus/Vodafone/Telstra’s IP Ranges (I think the reason Optus got hit so hard is because the other 2 are NAT’d) then a random 20 IP ranges. I’m guessing a few phones hit a range that another vulnerable phone was on.”

Once one phone is infected it searches for phones with the default password and then begins the process again.

Dutch Hacker Hack’s Into Jailbroken iPhone’s

How To: Change Your iPhone’s SSH Password

How To: Change Your iPhone’s SSH Password

As many have been prompted by the recent icident, including Dutch iPhones on T-Mobile, the SSH on the iPhone has a default password which most people do not change, leaving themselfs unprotected. Here’s the quick guide to change your root password on your iPhone.

MobileTerminal

Please note that some guides will change the mobile password, however this will still leave you unprotected so ensure you follow these instructions carefully.

  • Download ‘MobileTerminal’ from Cydia.
  • Run MobileTerminal
  • Type ‘passwd’
  • Enter your new password
  • Enter it again
  • Type ‘su root’
  • Then Type: ‘alpine’ (iPhone 3G, iPhone 3GS) ‘dottie’ (iPhone 2G)
  • Press Return
  • Type ‘passwd’
  • Enter your new password
  • Enter it again
  • Now your iPhone is secure from SSH hacking

Dutch Hacker Hack’s Into Jailbroken iPhone’s

A Dutch hacker used a port scanning to identify jailbroken iPhones on T-Mobile Netherlands with SSH running.Jailbroken iPhone HackedJailbroken user’s commonly use SSH to run standard UNIX commands on their iPhone. However, due to the way it’s set up all iPhones have the same default root password that most people don’t change. This means if a user knows a iPhone is close running SSH they can access all of the files on the device.

The Dutch hacker used the unchanged root passwords to hack into the phones, he then sent a SMS alert to the phones that read, ” You iPhone’s been hacked because it’s really insecure! Please visit doiop.com/iHacked and secure your iPhone right now! Right now, I can access all your files.” Once going to the website it directs the user to send €5 to a PayPal account, after which the hacker will e-mail instructions to remove the hack—which most likely involve restoring the iPhone to factory settings.

The hacker doesn’t appear to have malicious intent, other than to glean some extra cash. “If you don’t pay, it’s fine by me,” reads the page mentioned in the message to the hacked iPhone owners. “But remember, the way I got access to your iPhone can be used by thousands of others—they can send text messages from your number (like I did), use it to call or record your calls, and actually whatever they want, even use it for their hacking activities! I can assure you, I have no intention of harming you or whatever, but, some hackers do! It’s just my advice to secure your phone.”

To stop this from happening to you read the article on How To: Change Your iPhone’s SSH Password.

iPhone Dev-Team Release PwnageTool for 3.1

The iPhone Dev-Team has just released there latest jailbreaking tool, PwnageTool for iPhone OS 3.1. At the minute the Jailbrakejailbreak is for Mac only but hopefully a Windows version will be released soon.

Read More

Download (Torrent)

This release starts with PwnageTool 3.1 for Mac OS X – this application supports the iPhone 1st Generation (2G), the iPhone 3G and the iPod touch 1G. NB: THIS DOES NOT SUPPORT THE 3GS OR 2G/3G IPOD TOUCH. redsn0w for Mac OS X and Windows will follow sometime in the near future, please don’t bug us about it – we’ll release when we have something ready.

  1. GOLDEN RULE: If you are using a 3G iPhone with ultrasn0w and rely on ultrasn0w to obtain cellular service, then you should only upgrade to 3.1 with a PwnageTool created .ipsw. – Stay away from Apple’s direct updates as described here and here please get up to speed on the whole subject by reading the information contained in these posts.
  2. If you have an original iPhone (1st generation) then 3.1 unlock works with this PwnageTool release. iPhone 3G users upgrading to 3.1 will need to continue using ultrasn0w with a PwnageTool created 3.1 .ipsw
  3. Please read all parts of this post before downloading and using these tools.
  4. Read items 1, 2 and 3 again and again.
  5. At the bottom of this post are the bittorrent files for the 3.1 capable version of PwnageTool.
  6. This app is suitable for the recent 3.1 release.
  7. This version of PwnageTool will NOT work for the iPhone 3GS.
  8. PwnageTool WILL work for Original iPhone (1st Generation), Original iPod touch (1st Generation) and the iPhone 3G.

Dev-Team Confirm No Need For New Jailbreak Tools For 3.0.1

The iPhone Dev-Team have confirmed that there is no need for them to release new tools for Jailbrakejailbreaking the latest firmware 3.0.1.

They released this information:

The 3.0.1 release is a “branch” from 3.0 that occurs (code-wise) before all the 3.1 betas. The programs redsn0w needs to change for the jailbreak are identical when you compare the 3.0 and 3.0.1 versions. It seems pretty much the only changes Apple made were for the SMS bug, which affects programs that redsn0w doesn’t touch. That’s why you can re-use redsn0w 0.8 on 3.0.1 even though it was written for 3.0.

And since 3.0.1 doesn’t touch the baseband either, ultrasn0w 0.9 works for those needing the soft unlock. Just install it from the repo666.ultrasn0w.com repository using Cydia as usual.

We’ll at some point fix redsn0w to recognize both 3.0 and 3.0.1 IPSW’s, but really that’s the only change that would be made to it. Everything else would be identical, so there’s no need to wait for the “proper” version that recognizes the 3.0.1 IPSW as valid.

So to jailbreak the new firmware just use the old tools and you should have no problems.

Apple Releases iPhone OS 3.0.1

Apple earlier today released the latest iPhone OS, version 3.0.1. This update fixes the major SMS security issue that theyiphone_os_3 have finally fixed.

There hasn’t been many changes in the latest firmware release that have been found other than the SMS fix, feel free to email them in if you find any.

If you want to jailbreak your device it has been reported that in most cases it works fine but maybe wait a while until everything gets checked out.

Ultrasn0w Version 0.9 Released

The Dev-Team have released ultrasn0w version 0.9 today. Its features include:

  • Works on both 3G and 3GS
  • Works on hacktivated devices
  • Works regardless of how you jailbroke your device
  • Doesn’t patch any mach-o binary whatsoever.  (Doesn’t require a separate patch as each new firmware comes out).
  • Doesn’t install any additional daemon
  • Has no race conditions, no popups about “Missing SIM”, no network issues
  • Is almost 7000 times smaller than its nearest competition
  • Is available now via Cydia.  Source repo is http://repo666.ultrasn0w.com (that last “0” in ultrasn0w is a zero!)

Read More