IOS devices use a fairly secure operating system, but also somewhat limited. That is why the jailbreak exists, to be able to do everything Apple does not want us to do. The problem with jailbreak is that, while we open a door to a whole range of possibilities, we open a door to malicious software. And is that many users who used the latest Pangu tool They are reporting something worrisome.
It seems that some users who made the jailbreak with the new Pangu tool have seen how Several of your accounts have been used in an unauthorized manner, as we can read on Reddit. At this point it seems very important to mention that this problem may be happening just after the last launch of the Chinese hacker team just by coincidence; At the moment it is not confirmed that it has any relationship.
Is Pangu's last jailbreak safe?
The main reason why the last jailbreak is distrustful is that we are asked for our Apple ID at a time during the process. Logically, after performing a process that breaks the chains of iOS, good and bad, in which we have to provide our credentials, the most logical thing is to think that the violation of accounts has something to do with the last jailbreak, although we repeat what It has not yet been confirmed that it has a relationship.
Users who have seen their compromised accounts agree that they used the Windows PPHelper tool, so this tool is likely to contain malicious code that sends credentials to a server for later fraudulent use.
So far, affected users say they have entered their Facebook, PayPal and credit and debit accounts. Most likely, if it is confirmed that the PPHelper tool is to blame, the affected users will give their Apple ID and use the same credentials in other accounts, so it is not ruled out that they can also access other accounts in addition to the 3 mentioned above.
Saurik trusts Pangu … but not 25PP
Saurik says he trusts Pangu, but what not sure of the broadcasting routes that the Chinese hacker team can use. Also, he doesn't like that of having to install the 25PP tool. It is assumed that Cydia Impactor, the software with which the jailbreak is installed in its English version and created by Saurik himself, is clean because it does not install anything 25PP. The bad thing is that it works from the 25PP servers and the possibility that they have modified the software is not ruled out, so nothing can be taken for granted. The majority of affected cases have taken place in Asia, but it is not ruled out that it will happen in more countries because of all the above.
All this shows that you have to be very careful always, and more when we jailbreak our device. If any software of doubtful origin asks us for our Apple ID, it is best not to give it. And if we need some of that software, it is worth creating an account just to carry out the process. The question now is: do we trust Pangu?
UPGRADE: Pangu has opened an account on Reddit and is investigating the case. They say that MySpace and Tumblr have been hacked this year and want to know if the affected users used the same credentials. They also say that neither they nor 25pp would be "so stupid to make money by hacking users' PayPal accounts through a jailbreak tool. We hope to discover the truth as soon as possible. ”
The best accessories for your iPhone
Are you looking for a new case for your iPhone? An accessory for the Apple Watch? Maybe a Bluetooth speaker? Do not miss these offers on accessories and get the most out of Apple's mobile: