hackedIphone

(Credit: Tweakers.net)

Saw this story via CNET.  I was a bit concerned till I read how the hack was done.  A bit of background information though, seems a hacker got in to a few jailbroken iphone running T-Mobile in the Netherlands.  Basically, it puts a message on your phone saying you have been hacked and to learn how to fix the problem, you had to pay the guy 5 euros ($7.36), to get the fix. To get to the fix you had to go to a website after paying via paypal.

The way this guy is getting in is pretty easy.  He simply scans open ports looking for SSH running using the default password of ‘alpine’.  Once he SSH’s in, he has pretty much full control of your phone.  So how do you stop this?  2 Ways.  First CHANGE YOUR BLOODY PASSWORD!  I mean really.  Change it.  Second, and what I do, turn SSH off.  I never have it running unless I need to get into the phone and do something.  But wait Chris, how do I do that?  I do not even know how to put ‘putty’ on my windows system. Putty is a SSH client for windows BTW.  Turning off SSH is easy to do. Remember my top 10 jailbreak apps?  Well, SBSetting is number 1 for a reason.  There is a nice button there called SSH.  Click on it.  SSH is now off.  Your welcome. 🙂

After the story broke, it seems the guy changed his mind because the fix has been posted here.  Here is the fix.

1. Get an SSH program like putty for windows.
2. SSH to your iPhone. (If you haven’t done that before it may take a while, and after that there might come a warning about a key fingerprint. You can just accept that). Login using username “root” and password “alpine”. (this is the default password)
3. There’s a few commands you have to execute, best is to just copy them:

rm /System/Library/LaunchDaemons/com.apple.syslog.plist
chown mobile /private/var/mobile/Library/LockBackground.jpg
chmod 666 /private/var/mobile/Library/LockBackground.jpg
mv /private/var/mobile/Documents/LockBackground.backup.jpg /private/var/mobile/Library/LockBackground.jpg

4. That’s everything to remove my stuff. Now there’s one command left to make sure this won’t happen again! Again in putty or any ssh client type: “passwd”. You’ll then be asked for a new password, you can change this into anything you want. The safer the better of course (:

The reason you have to change this password is that it’s default is alpine at ALL iPhones. So if anyone knows that (and all hackers do) they can access your iPhone. Now you’ve changed it this isn’t possible anymore!

Leave a Reply

Your email address will not be published. Required fields are marked *