Hackers find easy way to steal large sums of money through Starbucks app

By Jake Smith on May 14, 2015

Hackers are stealing money from users’ credit cards, banks, and PayPal accounts through the Starbucks mobile app, the coffee giant confirmed to CNN on Tuesday.

The app, which lets users pay at checkout and reload Starbucks gift cards, has an auto-reload function that makes it easy for hackers to take from users, not needing any account numbers. Read More

 

Hacker creates a software-only brute force tool for jailbroken devices

By Jeff Benjamin on Mar 23, 2015

Well-known iOS jailbreak developer and hacker Majd Alfhaily was intrigued when read about MDSec’s black box hardware brute force for iOS devices. The tool, which runs over a USB connection, tries every possible passcode combination in an attempt to unlock an iPhone secured with a simple passcode.

The downside of such a tool, is that each PIN entry takes approximately 40 seconds, so it could take more than 110 hours to brute force an iPhone. Majd, being the curious person that he is, devised a way to do it in a fraction of the time using only software. The only caveat, if you even want to call it that given what it does, is that the device must be able to run unsigned code, i.e., the device must be jailbroken. Read More

 

New ‘IP Box’ tool unlocks iPhone PINs via brute force attacks

By Cody Lee on Mar 18, 2015

A new device is causing commotion around the interwebs today, that has the ability to unlock PIN-protected iOS devices. The tool, first spotlighted by security firm MDSec, is being used in the phone repair markets to brute-force iPhone and iPad Lock screens.

According to MDSec, these ‘IP Boxes’ are about the size of an Apple TV, and you can acquire one for around $300. It works by simulating the PIN entry on a device over a USB connection, and is able to sequentially bruteforce every possible PIN combination. Read More

 

Apple ‘actively investigating’ alleged iCloud hack that led to celeb photo leak

By Cody Lee on Sep 1, 2014

After nearly 24 hours of silence, Apple has finally commented on the alleged iCloud hack that led to a massive leak yesterday of nude celebrity photos. The Cupertino-based company says that it is aware of the reports and is “actively investigating” the claim.

“We take user privacy very seriously and are actively investigating this report,” Apple spokeswoman Natalie Kerris told Recode in a statement. She did not, however, provide any additional details on the attack, or if iCloud was even the source of the photos. Read More

 

Hacker leaks dozens of nude celebrity pics in alleged iCloud hack

By Cody Lee on Aug 31, 2014

Twitter, Reddit and several other social networks are blowing up this evening with talk of a major nude celebrity photo leak. The trove first appeared on 4chan’s /b/ thread earlier today, and it includes Academy Award winner Jennifer Lawrence and several others.

The pictures were allegedly retrieved through a vulnerability in Apple’s iCloud service, which allowed the celebrities’ phones to be hacked. Thus far, no one has confirmed that iCloud was actually breached, and few details are known about the attack, or the attacker. Read More

 

BigBoss repo allegedly hacked [updated]

By Sébastien Page on Jul 18, 2014

BigBoss, one of the default repositories for jailbreak tweaks in Cydia, has allegedly been hacked by an individual or a group of individuals whose identity is still unknown.

The attackers were apparently able to gain access to all packages (paid and free) that are available in the BigBoss repo, and made the deb index and database available for download. The assailants went as far as creating a new repo which can be added to Cydia to download all BigBoss-hosted tweaks.

As is always the case when this type of security breach happens, jailbreak users should be cautious and stay away from this. Read More

 

Yo hack compromises your phone contacts, but fix is underway

By Christian Zibreg on Jun 20, 2014

Yesterday, I told you about Yo, a ridiculous new messaging app which lets people exchange two-character “Yo” messages. Some like Stephen Colbert have eviscerated Yo for being utterly useless and plain dumb while others point out the fact that it’s received more than $1 million in VC-backed funding as a proof that the mobile messaging space is booming with innovation.

Be that as it may, turns out the controversial software poses something of a security risk as a pair of college students have found a vulnerability allowing them to compromise any Yo user’s phone number, spam them with unsolicited messages and more.

Yo founder Or Arbel has confirmed that the app was “having security issues” and has promised to deliver a fix “in next few hours”Read More

 

Apple says Australian iOS device attacks not caused by iCloud breach

By Cody Lee on May 28, 2014

On Monday, a number of iOS and Mac users came forward with complaints that their devices had been remotely locked by hackers. In most of the cases, a message appeared via Find My iPhone on the locked devices, demanding payment for the hack to be reversed.

As far as we can tell, the attacks have been concentrated on Mac and iOS products in Australia. And among the various theories of how the hackers were able to set a remote lock has been the fear that iCloud was breached. But Apple says it hasn’t been compromised… Read More

 

Some iOS devices hijacked and held hostage in Australia

By Joe Rossignol on May 27, 2014

A growing number of iPhone, iPad and Mac users in Australia are turning to the Apple Support Communities and Twitter to report incidents of their device being remotely locked through iCloud. In some cases, a fraudulent message appears through the Find my iPhone service demanding payment between $50 and $100 to someone named Oleg Pliss for the device to be unlocked…  Read More

 

Hackers create tool to bypass Apple’s ‘Activation Lock’ security feature

By Cody Lee on May 21, 2014

Two hackers have created a tool that they claim can bypass Apple’s ‘Activation Lock.’ It’s called ‘doulCi, and it uses a man-in-the-middle attack to intercept users’ Apple ID credentials as well as unlock devices disabled by the highly-lauded security feature.

The hack utilizes a vulnerability in iTunes for Windows that has to do with verifying security certificates. And apparently, all you have to do to get it to work is plug in the device to a computer, and alter a file, directing it to an alternate server instead of iCloud… Read More

 

Glitch discovered in iOS 7.1 lets you hide stock apps

By Cody Lee on Mar 26, 2014

Folks who updated to iOS 7.1 earlier this month may be interested in this newly-discovered glitch that allows you to hide stock iOS apps. It’s very similar to last year’s Newsstand glitch, in that it involves a multi-step process and doesn’t [obviously] require a jailbreak.

The glitch is present on both iPhones and iPads, and is relatively easy to exploit. All you have to do, essentially, is create a folder full of apps you wish to hide, drop it in another folder, and then remove it. Interested? Keep reading for a full step-by-step video tutorial… Read More

 

Hacked T-Mobile carrier update for iPhone offers several features and improvements

By Cody Lee on Mar 26, 2014

Folks with an iPhone on T-Mobile might be interested to hear that there’s a new hacked carrier update available that promises a number of enhancements. It was created by the same folks who brought us that slew of carrier update hacks for Sprint, Verizon and AT&T iPhone models last summer.

This time around, the developers say that the modded update includes a variety of things like boosted data speeds and signal reception (depending on your location). It also adds several native T-Mobile features to your iPhone like the ability to view account balance, texts sent and other usage info… Read More

 

Winocm shows off iPad triple-booting iOS 5.1, 6.1.3 and 7.0.6

By Cody Lee on Mar 25, 2014

This is pretty interesting. Hacker winocm has posted a new video of his iPad triple-booting into multiple versions of iOS. The clip shows his hacked tablet booting up and running in iOS 5.1, and then its ability to quickly switch to iOS 6.1.3 and iOS 7.0.6.

Winocm has made quite the name for himself around the jailbreak community as both a hacker and a tinkerer. Last week he posted a video of his jailbroken (untethered) iPhone 4 running iOS 7.1, and don’t forget he helped iH8sn0w create p0sixspwnRead More

 

Geohot wins $150,000 for exposing ChromeOS exploits

By Cody Lee on Mar 15, 2014

Google held its Pwnium 4 security competition last week at CanSecWest in Vancouver, Canada. The day-long event ended with hundreds of thousands of dollars being awarded to hackers who demonstrated exploits in Google Chrome. And believe it or not, $150,000 of that went to Geohot.

For those not familiar with the name, Geohot has picked up a number of headlines over the past 7 years. After hacking the iPhone he took his talents to the PS3, where he caused enough chaos to get sued by Sony. And he’s since been spotted at Facebook, iOSDevCamp and various other places… Read More

 

Give your old device the look and feel of iOS 7 with Whited00r 7

By Cody Lee on Dec 29, 2013

Although Apple is one of the best handset-makers around when it comes to supporting older devices, it does have a cutoff point. And for iOS 7, that cutoff point was the iPhone 4, meaning you can not install the new firmware on devices older than that.

But never fear! If you happen to be running an older device, you can still get the look and feel of iOS 7 thanks to Whited00r 7. The modded firmware includes an iOS 7-style UI with card multitasking, Control Center, push notifications, and much more… Read More

 

Researchers have found a way to discreetly activate Mac iSight cameras

By Cody Lee on Dec 18, 2013

Hackers have long had the ability to infiltrate a person’s personal computer, and enable their webcam without their knowledge. We’ve been hearing horror stories about this for years, where users were covertly spied on through their PC’s camera.

But Mac owners have always been led to believe that this can’t happen with the iSight camera, because it’s designed to always illuminate the adjacent green light every time it’s active. Researchers have found a way, though, to get around this behavior… Read More

 

Developer ports iOS core to Nokia N900

By Cody Lee on Nov 24, 2013

Winocm, the developer leading the work on the iOS 6.1.3/4 jailbreak, has managed to port iOS to a non-Apple device. The photo you see above is the iOS core, known as the “XNU Kernel,” running on a Nokia N900 smartphone.

The port is extremely primitive, as it doesn’t include any of iOS’s or OS X’s user-interface elements and cannot be run as a useable operating system. But it does signal a major development for the ongoing open source project… Read More

 

Yet another Lock screen vulnerability, this time on iOS 7.0.2

By Jeff Benjamin on Sep 27, 2013

Once again, another Lock screen vulnerability has reared its ugly head, this one right on the heels of Apple’s 7.0.2 update to fix another vulnerability.

Dany Lisiansky has posted the steps on a YouTube video he recently uploaded, and we’ve verified that the steps, albeit a bit involved, do work.

If there’s one bright spot about this latest vulnerability, it is that it doesn’t expose anything outside of the Phone app to would be snoopers, and you can nix the bug by disabling Siri access from the Lock screen. Still, Apple’s security team can’t be happy about this. Read More

 

Expert says ‘average consumers’ shouldn’t worry about Touch ID hack

By Cody Lee on Sep 24, 2013

Over the weekend, a group of hackers called the Chaos Computer Club announced that it had managed to bypass Apple’s Touch ID system using the popular ‘fake finger’ method involving a hi-res photograph, and pink latex milk.

As you’d expect, the announcement has caused quite a commotion, and has a lot of folks concerned. But according to security expert Marc Rogers, they shouldn’t be. He says the average consumer has nothing to worry about… Read More

 

Hacker group bypasses Apple’s Touch ID with ‘fake finger’ technique

By Cody Lee on Sep 23, 2013

A group of German hackers called the Chaos Computer Club has reportedly figured out a way to bypass Apple’s new Touch ID fingerprint sensor using a variation of the long-running ‘fake finger’ technique.

The method involves taking a high resolution photo of the original user’s fingerprint, printing it on a transparent sheet with a thick toner setting, and then filling it in with pink latex milk. Here, watch the video… Read More

 
Page 112345...