JailbreakMe 3.0 has garnered some serious attention over the last 48 hours. The last report we heard was that the site had been visited over a million times, and the PDF exploit had been downloaded over 500,000 times.

The exploit must have also grabbed the attention of Germany’s Information Security team, because the group just issued a country-wide warning for all iOS products. The Mobile Safari vulnerability exposed by Comex in his new jailbreak tool has really made some folks nervous…

The Huffington Post reported yesterday that Germany’s Federal Office for Information Security has issued a warning on iPhones, iPads and the iPod touch, stating that they have a “critical weakness.”

The group claims that the device is susceptible to malware via an infected PDF file, which can infect a user’s device without them knowing:

“Clicking on an infected PDF file is sufficient to infect the mobile device with malware without the user’s knowledge” on several versions of Apple’s iOS operating system. After opening a website that carries an infected PDF file, a user’s device would be open to criminals spying on passwords, planners, photos, text messages, emails and even listen in on phone conversations.”

The agency points out that Apple has yet to offer a patch to fix the problem, but an Apple Germany spokesman told The Associated Press yesterday that they were aware of the warning. The spokesman declined any other comments.

The irony here, is that — with no word from Apple yet — the best way for folks to protect themselves from this vulnerability is to jailbreak their iDevice. Only when an iDevice is hacked, can users install Comex’s PDF Patcher 2, which fixes the security issue.

I’m not really sure if this is worth a national warning. There hasn’t been any mass-distributed malware that utilizes the PDF problem discovered in the wild, yet. However, the problem does seem to be receiving a fair amount of media attention, so how long can Apple keep their silence?

What do you think?

  • One word: Overreaction. But that’s just typical for Germany (and that coming from me, being German myself). Plus, like you already explained, if you jailbreak your device you can fix the exploit yourself; so what’s the problem?

  • kokhean

    If only the following warning appeared in the newspapers…

    “Clicking on an infected PDF file is sufficient to infect the mobile device with malware without the user’s knowledge” on several versions of Apple’s iOS operating system. After opening a website that carries an infected PDF file, a user’s device would be open to criminals spying on passwords, planners, photos, text messages, emails and even listen in on phone conversations. As of now, please update your firmware to iOS 4.3.3, jailbreak your iOS device(s) and install the PDF Patcher 2 from Cydia immediately.”

  • Lol, i would like to point out that all the hackers are busy making cydia tweaks and new JB tools… Why would they bother with creating and distributing malware

  • wondering

    in what iOSes is this exploit found?

  • Mitch

    The exploit could fit into a 24 story line.

  • Manuel

    They are stupid. Comex made a PDF fix the day the jailbreak came out. If they were so smart, they would know this. Funny to say, you need to be jailbroken to fix the exploit or you can be f’ed up.

  • Joel

    Why doesn’t comex make the patch in a PDF format for people who want it without the jailbreak? That’d really make apple look bad.

  • Jason

    I thought iOS is the most secure than other OS..looks like i was wrong on that..

    • zYx

      Show me somebody who writes malicious software for iOS.
      That’s pathetic. But mass will buy this crap. I don’t really care. The time goes on.

  • Hyg

    If i download this jailbreak can i get virus or if i dont download this jailbreak can i get virus???! Plzzzzz! Help me!!!!