Last month the iOS jailbreak community was surprised when a developer announced a new exploit that can be used to developer jailbreak solutions.
A team of scammers has managed to fool a large number of people who use Apple devices after they offered a fake jailbreak solution via an internet website. Users contributed to click-fraud, as the scammers used tools which allowed them to boost the rankings of several apps.
According to the security group who spotted the scam, the criminals observed the popularity of a new jailbreak solution known as checkra1n. The jailbreak solution harnesses the Checkm8 iOS bootroom exploit.
Users were encouraged to register on the website, which promised the ability to jailbreak your devices instantly, without the need to resort to other tools. After the registration process was complete, the site offered a profile that had to be installed on the device. What the users didn’t know was the fact that the profile was filled with malware.
Tech-savvy users could spot some red flags as the site claimed that the jailbreak solution is compatible with devices which sport the A5 to A13 processors and any iOS version ranging between 12.4.2 and 13.1.2
However, the checkm8 exploit and any cracks based on it, including tcheckra1n, are limited to iOS devices, which feature chipsets ranging between A5 to A11. It is also important to note that the checkm8 exploit requires the use of computer since the iPhone has to be in DFU mode and connected via USB cable.
Another red flag comes in the form of a LetsEncrypt SSL certificate, which was registered on October 10. The fact the certificate is so recent proves that the scam is still new, but going the extra mile to obtain o legitimate certification proves that the scheme was planned well.
Users who attempt to launch the fake jailbreak app will be bounced between several connections, allowing the scammers to commit click-fraud and to generate money from dishonest app developers.