Security Issues Raised Over iOS 9.3.3 Pangu Jailbreak

This article is more than 7 years old.

Last week I wrote about the latest big jailbreak release for iOS 9 from Pangu, which allows you to jailbreak Apple devices running iOS 9.2-9.3.3:

'Jailbreak Finally Released For Apple iOS 9.2-9.3.3: Full Pangu Install Guide'

The tool wasn't as easy to use as many we've seen over the last few years and while there were no major security concerns with the tool itself, others have reared their heads relating to the way the tool was delivered.

Some people who jailbroke their devices last week are reporting unauthorized access to certain accounts, including Facebook, PayPal and even credit and debit card accounts, with Reddit users and 9to5mac.com reporting various instances and ongoing discussion.

Pangu tool is now available in a simpler form that's easier to use and in English.

What's going on?

It's difficult to say. The numbers are small, and certainly small enough to be part of the usual breaches in security we see every day on websites like these due to successful phishing emails or other unauthorized access.

The creator of the jailbreaking app store Cydia, Jay Freeman, who goes by the username saurik on Reddit, had this to say on the matter:

I will also say I trust Pangu a lot... but I don't know if the Chinese version of their app was only touched by them. I bet the English one was their work only, though you are downloading it from 25PP, which opens some issues: do you trust the employees at 25PP with control over their servers? I would say that it would be dumb to so quickly be trying to attack people rather than racking up more credentials before anyone becomes suspicious.

You have to remember that there are millions of people who jailbreak. And Pangu specifically listed this subreddit on their website as a place to talk to people about their issues, so we are going to be seeing tons of people. Do we really have evidence that this is an issue with the jailbreak process as opposed to a string of random attacks that are being noticed here because we are all being extremely suspicious this week?

If anything, I bet there was just some website, maybe it was even one we all use more often than other people (like reddit! ;P) which was hacked in some way, and people were sharing passwords between there and PayPal, and that hack just happens to have happened at about the same time the jailbreak came out.

I too have faith in the Pangu team as they have released numerous tools without any such issues and have too much to lose (and not enough to gain by stealing just $50 from your PayPal account when the company behind them is worth billions of dollars). While I can't dismiss the possibility of security breaches, I suspect that these issues are possibly due to software the original Chinese version of the tool came with that may not have been entirely under the control of the Pangu team.

More likely, though, they're just a coincidence and would have happened anyway, and the only reason they're being reported is that the people concerned jailbroke their iPhones around the same time (there are also plenty of similar reports out there dating to before the jailbreak was even released).

The Pangu team has subsequently released an easier-to-use English version of the tool, which you can download here, and it's my suggestion that you restore your device to wipe the original jailbreak and jailbreak using this tool at the very least, while using a throw-away Apple ID and password. You should also uninstall the original Windows-based software and run an anti-virus scan just to be on the safe side. However, to be extra careful, remove the jailbreak entirely by restoring your device in iTunes and wait for this to blow over while keeping a close eye on your accounts just in case.

It's important to realize that jailbreaking in itself does not render your device open to security issues. Only by installing further software, often from untrusted sources, have people run into issues, and even then reports of anything serious happening are rare. I'll report back when there is more news.

 
