A Dutch hacker recently threatened all jailbroken iPhone users with a proof of concept showing that their phones stand vulnerable to high risk and are absolutely unsafe after being jailbroken. He made use of port scanning method to find jailbroken iPhones in his country Netherlands running with SSH. He then sent unaware and totally off guard users a SMS message which read: "Your iPhone’s been hacked because it’s really insecure! Please visit doiop.com/iHacked and secure your iPhone right now! Right now, I can access all your files.". The screen is question can be seen in the screenshot below.
Clicking on the URL took the victim to PayPal site and asked him/her to pay €5 in order to remove the hack. The demand for money was extremely immoral. The hacker was illegally accessing personnel files on his device and then blackmailing its owners for money. It has now been reported that he has changed his mind now and has given up on the illegal attempt to collect some money, and has posted instructions for reverting what he did to several Dutch iPhone users. He has also decided to return whatever he has received through his feat. This incident highlights the fact that jailbreaking removes the security mechanisms that is in place for the iPhone OS which ensures preventing unauthorized intrusions and securing the device against hackers. Someone else can also play the same trick and may not even tell you about it. So the lesson to learn here is that if you jailbreak your iPhone and do things like leaving SSH running, then you must change the default password.
Unfortunately, all iPhones have same default root password ‘alpine’ which almost everyone knows, and that many forget to change after jailbreaking, leaving their phone vulnerable to intrusion and hacking. The easiest thing one can do to secure his or her iPhone is to change default root password or by disabling SSH. Here is a simple guide on how to change your default SSH root password to make sure that your iPhone is secured against such attacks.
The following guide assumes that you have a jailbroken iPhone with OpenSSH installed.
Step 1: Go to Cydia and search for MobileTerminal app and then install it on your iPhone. Once you have successfully installed MobileTerminal, Reboot your iPhone.
Step 2: Now start MobileTerminal app and type the following command:
Step 3: You’ll now be asked for your old password which should be ‘alpine’ (without the quotes), followed by a new one of your choice (twice). Simply enter your old and new password and you are done!
UPDATE 1: As correctly pointed out by some users in the comments section below, the instruction in Step 2 will change your mobile password only. In order to change root password, type ‘login’ command (without quotes) and then press enter. Now type ‘root’ (without quotes) as your login and ‘alpine’ as your current root password. Once you have logged in as root, type ‘passwd’ command (without quotes) again and press enter. It will now prompt you to enter a new password (twice). Simply enter your desired new password again as you did in Step 3 (for changing mobile password) and you should be all fine. It is highly recommended that you change, both your mobile and root passwords to make sure you are completely safe from any outside SSH attack.
Feel free to ask me any question regarding any problem that you may encounter when securing your iPhone against this hack.