Until Apple releases a new patch, all users of iPhones, iPads or iPods are at risk from the drive-by exploits used by Jailbreakme: nothing prevents a malicious hacker from using the same vulnerabilities to automatically install malware onto a device.
According to Websense Security Labs, late last week a new jailbreak method was released for iOS 4 and iPhone OS 3.x based devices such as the iPhone, iPod and iPad.
Jailbreaking has been done for years to allow these devices to run applications not approved by Apple, and also as a means to unlock iPhones for use on other carriers.
What is different about this new method is that all it takes to jailbreak the device is a visit to a specific website using the built-in web browser. Previously, users had to connect the device to a computer and use software for Windows or Mac to complete the process.
At jailbreakme.com, all it takes to complete the jailbreak is to slide the arrow to the right and wait for the process to complete. The jailbreak takes advantage of two vulnerabilities: one in how Safari parses PDF files, and one in the kernel of iOS/iPhoneOS.
Apple is reportedly looking into the vulnerability issues, but until they have issued a patch, Websense says all users of iPhones, iPads, or iPods are at risk, because there is nothing that prevents a malicious attacker from using these vulnerabilities to automatically install malware onto the device.
“Reports around the web are claiming that there isn’t much a user can do to prevent this type of attack unless you’ve already jailbroken, as there is an add-on, via Cydia, that will warn you for every PDF you open. However, this is not entirely true,” Websense said in an official blog.
Blocking an attack
“While it is true that Safari and other web browsers on iOS/iPhoneOS automatically render and display a PDF page, and therefore will load the exploit automatically, some third-party browsers have customisable filters that can block the attack and prevent your device from compromise. Two examples are Atomic Web Browser and iCabMobile, both of which work on iPhone, iPod Touch and iPad.”
Websense provided a walkthrough of how to use Atomic Web Browser and iCabMobile to prevent a device from being compromised.
“Finally, don’t forget that these third-party browsers will not protect you if you get a PDF in an email message, click on a link in an email/SMS or click on a link that launches a built-in browser in the app (like Twitter, Facebook, etc). These all use the Safari engine to view the PDF and will bypass the third-party browser filters,” Websense said.