Nus trivia News a.i. video

5 Android apps you shouldn't miss this week! - Android Apps Weekly - Android Authority

Alexa, delete what I just said! Here's how to keep Amazon from listening in - CNET

Musk's SpaceX Launches Second Batch of 60 Starlink Satellites - The London Free Press

Stop being jealous of iMessage. What you need to know about Android's fancy texting update - CNET

Watch SpaceX launch another 60 Starlink satellites and attempt a new rocket landing record

SpaceX Launched 60 Production Starlink Satellites

Alibaba beat Amazon's estimated Prime Day sales within an hour and crushed analyst estimates for Black Friday and Cyber Monday combined

Grab this early Black Friday Samsung Galaxy S10e deal with big data and cheap pricing

Goldman is looking to fix the flaw that has Apple Card users claiming gender discrimination

The 2017 MacBook Air is at its lowest price we've seen before Black Friday

You can now download the Google Stadia app from the Play Store - Android Authority

The Target Black Friday 2019 ad has arrived - CNET - CNET

Want to run faster? Improve your algorithm - BBC News

Black Friday 2019 TV deals available now (and coming soon) - CNET

Apple pulls app that let you stalk people you follow on Instagram

Amazon Fire HD 10 (2019) review: you get what you pay for

The next iPad Pro may arrive in early 2020 with 3D sensors

Get a free year of Amazon Prime with TalkTalk's broadband and TV deals

Amazon is opening its own grocery store in 2020

The best credit cards with annual fees under $100 of November 2019

Fake iOS jailbreak could be putting iPhone users at risk

Date published: 2019-10-16
Originally published: Here. Excerpt below.

A new vulnerability has been discovered which exists across legacy iOS hardware and while some have used it to jailbreak their devices, Cisco Talos recently discovered that cybercriminals have set up a fake website looking to capitalize on users trying to jailbreak their iPhones.
However, instead of actually jailbreaking a user's device, the site just prompts users to download a malicious profile that the attackers then use to conduct click fraud.
Checkm8 is a bootrom vulnerability that impacts all legacy models of the iPhone from the 4S through the X. The campaign discovered by Cisco Talos tries to capitalize off of a project called checkrain which uses the checkm8 vulnerability to modify an iPhone's bootrom and load a jailbroken image onto the device.
The Checkm8 vulnerability can be exploited using an open source tool called “ipwndfu” developed by AxiomX but the attackers being tracked by Cisco Talos run a malicious website called that preys on users searching for the legitimate checkrain project.
The fake checkrain site tries to appear to be legitimate by claiming to work with popular jailbreaking researchers such as “CoolStar” and Google Project Zero's Ian Beer. The page prompts users to download an application to jailbreak their phone but there actually is no application, as the attackers are trying to install a malicious profile onto the end-user device.
When a user first visits the fake website, they are presented with a download button. Cisco Talos noticed several things about the site, including the mention of A13 devices which aren't vulnerable to Checkm8, which indicate that the website is not legitimate.
Additionally, the website says that users can install the checkrain jailbreak without using a PC but in reality, the Checkm8 exploit requires that the iOS device be in DFU mode and is exploitable using an Apple USB cable. Another tip off was the fact that the fake checkrain site uses an SSL certificate from LetsEncrypt while the actu ...

Related stories

Fake iOS jailbreak could be putting iPhone users at risk

Fake iOS jailbreak could be putting iPhone users at risk - TechRadar

Explore more stories...

Continue reading story: Here.

Today's top stories on

Other trending stories

Tell us what you think!

Fake iOS jailbreak could be putting iPhone users at risk #Checkm #Cisco #Talos #tech

— NUS Trivia | tech news (@NusTrivia) October 16, 2019