How to protect yourself from malicious jailbreak tweaks


As you guys know, there was a pretty significant iCloud account attack reported recently, in which nearly a quarter of a million iCloud accounts were exposed to potential compromise. The number of accounts that were actually hacked is up for debate, but it was less than half of the roughly 220,000 iCloud accounts exposed.

Of course, many took this attack as an opportunity to lecture about the reasons why we shouldn’t jailbreak. While such a lecture isn’t necessarily ill-intentioned, I think that most people who jailbreak understand that there are some inherent risks associated with doing so.

It’s not like accidentally downloading an infected app on your computer, or ill-advisedly clicking a shady email link. Those who jailbreak generally know, at least partially, that there are some security risks involved. The problem is, many don’t understand that there are effective ways to protect oneself.

How do you go about ensuring that you’re as safe as possible while maintaining a jailbroken iPhone? The following steps will show you how.

Let’s Talk Jailbreak

On episode 123 of our jailbreak podcast, we talk about jailbreak security and steps that you can take to protect yourself. Listen in…

Turn on Two-Factor Authentication

Of all of the items on this list, this is by far the most important. Whether you’re jailbroken or not, you need to have 2FA enabled for your Apple ID. If you don’t have 2FA enabled, then stop reading this post and do so now.

Two-Factor Authentication makes it so that, in addition to your strong password, you’ll need another form of identification to successfully access your account. Think of it as someone asking for ID after you try to use your debit card. Your iPhone can act as a 2FA agent, which means that when someone logs in using your Apple ID, they’re required to have your phone in their possession in order to complete the login. That’s two factors of authentication—your password, and your key—which is, in this instance, your iPhone.

2FA makes it so that even if your account does get compromised, and someone figures out your password, they still can’t log in without the key—your iPhone—in their possession. Like I stated, even if you’re not jailbroken, you should definitely have 2FA enabled.


Don’t install shady repos

Once jailbroken, there are some simple steps that you can take to reduce the risk of being compromised. The first step is to simply stay away from 3rd-party repos. Only use the repos that come bundled with Cydia, like ModMyi and BigBoss. If a repo sounds shady, or looks shady, there’s no need to assume the risk.

Off the top of my head, I can think of three malicious attacks that occurred when users downloaded shady tweaks from questionable repos. They are as follows:

From time to time, we here at iDB do endorse 3rd-party repos. This is few and far between, but there are some repos, such as Ryan Petrich’s beta repo, that are deemed trustworthy.

Don’t install shady tweaks

…but you don’t necessarily need a bad repo to infect your device with a malicious tweak. You can install tweak packages directly via iFile, or via the command line. Cydia also has the ability to navigate directly to a package’s page, even if the repo isn’t currently on your iPhone.

Be very selective about the types of tweaks and apps that you install on your device. If it sounds too good to be true, it probably is.

Stay away from piracy

There are a couple of reasons why you should stay away from pirate apps and tweaks…

a). It’s wrong.

b). You’re assuming needless risk by doing so.

Where do you think the creators of pirate repos and cracked apps get their motivation? Out of the goodness of their heart? If you want to be gullible and believe that, then carry on, but in most cases, the persons behind such an operation have ulterior motives.

They either…

a). get paid off of the ads from the traffic that their piracy generates

b). steal your credentials and sell them to the highest bidder

c). infect your machine with ad-hijacking trojans

d). all of the above

While I won’t say that every pirate repo or piracy source is guilty of this, many of them are. People are usually motivated to do things for a reason, and money is one of them. This isn’t the place to give a lecture on piracy and the ethics of such, but just know that by pirating tweaks and apps, you’re assuming a significant risk.

Be skeptical

That’s not to say that you should put on your tin foil hat, but you should be discerning and at least a little bit skeptical. Even tweaks on the Cydia Store’s default repos, as we’ve seen in the past, can contain malicious pieces of code. Heck, App Store apps have in the past as well.

The point is—think about what you install before you install it. If it’s from Cydia’s default repos, then there’s a 99% chance it’s safe to use. Still, be aware of what you’re doing, be a bit skeptical, and know exactly what you’re installing and why you’re doing so.

OpenSSH and your Root Password

Another good thing to do is avoid installing OpenSSH unless you absolutely need it. There are some instances where you may need to connect to your iPhone via SSH, but the average jailbreaker won’t need to do this.

Also, be sure to change your root password if you’re jailbroken. Again, the likelihood that you’ll be compromised is extremely low, especially if you’ve followed all of the steps above, but it’s still a good idea to change your root password if you can. You can learn how to change your root password via this post.
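A small audit script covering two of the checks above (stick to the default repos, and know whether OpenSSH is on the device), added here as an example and not code from the post or from iDB. The repo hostnames, the cydia.list path and the `openssh` package name are assumptions about the Cydia-era layout, and the sample sources file is constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the post): audit a jailbroken device's Cydia/APT
# sources against the default repos the post says to stick to, and check
# whether the OpenSSH package is installed. Repo hostnames, the cydia.list
# path and the "openssh" package name are assumptions about the Cydia-era
# layout, not facts taken from the post.

# Hostnames of Cydia's bundled repos (assumed): BigBoss, ModMyi, saurik's.
TRUSTED_REPOS="apt.thebigboss.org apt.modmyi.com apt.saurik.com"

# Print one "UNTRUSTED: <uri>" line per configured repo not on the allowlist.
# $1: an APT sources file (on the device: /etc/apt/sources.list.d/cydia.list)
audit_sources() {
    while read -r kind uri rest; do
        case "$kind" in ""|"#"*) continue ;; esac   # skip blanks and comments
        [ "$kind" = "deb" ] || continue              # only binary package lines
        # reduce "http://host/path" to "host"
        host=$(printf '%s\n' "$uri" | sed -e 's|^[a-z]*://||' -e 's|[/:].*$||')
        trusted=0
        for t in $TRUSTED_REPOS; do
            [ "$host" = "$t" ] && trusted=1
        done
        [ "$trusted" -eq 1 ] || echo "UNTRUSTED: $uri"
    done < "$1"
}

# Exit status: 0 = OpenSSH installed, 1 = not installed, 2 = no dpkg here.
# The post's advice: leave it uninstalled unless you need it, and change
# the root password if you do keep it.
ssh_installed() {
    command -v dpkg-query >/dev/null 2>&1 || return 2
    dpkg-query -W -f='${Status}\n' openssh 2>/dev/null | grep -q 'install ok installed'
}

# Demo on a constructed sample file in cydia.list format; on the device pass
# the real path as $1 instead.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
deb http://apt.thebigboss.org/repofiles/cydia/ stable main
deb http://apt.modmyi.com/ stable main
# a repo added by hand from a forum post (constructed)
deb http://repo.shady-tweaks.invalid/ ./
EOF
audit_sources "${1:-$SAMPLE}"
rm -f "$SAMPLE"
if ssh_installed; then echo "OpenSSH installed: change the root password"; else echo "OpenSSH not installed"; fi
```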

Stay safe out there

While nothing, even a stock iPhone, is 100% foolproof, it must be acknowledged that jailbreaking your iPhone does increase the likelihood of a system compromise. In practice, that compromise is still very unlikely if you follow the steps outlined above, but I don’t want to sugarcoat a reality.

Even with the added risk, if you follow these easy-to-abide-by rules, then you greatly reduce the risk of any sort of compromise of your iPhone and its data. The most important thing that you can do, as stated, is enable Two-Factor Authentication. By simply taking that step, you lock down access to one of your most valuable digital assets.

Use common sense, and have fun! Jailbreaking is still very awesome, and this won’t steer me away in the slightest. I’ll just be that much more careful. Also, be sure to keep up with the posts here on iDB. We were the very first blog to report on the latest iCloud hack, and we’ll be sure to keep you informed on any additional goings-on related to security in the future.

What do you resolve to do?