Despite app discovery services like Chorus for iPhone, the AppStore is a really tough place to eek out a living. That may have prompted one Dutch teen to find a new way to make money from the iPhone – hold them for ransom! That’s what happened yesterday when some T-Mobile iPhone users in the Netherlands found a hacked message on their jailbroken iPhones. The message asked the user to secure their iPhone by paying $4.95 for instructions to remove the message prompt. The hacker didn’t disable the iPhones in any way, but he essentially wanted a ransom for peace of mind (and not seeing an annoying pop-up message at boot). It was an interesting (not ethical, or commendable, but interesting for sure) money-making scheme for all of a day, before the hacker got shut down.
The jailbroken iPhone community comprises no more than a small minority of all iPhone owners out there, but with many millions of iPhones spread around the world, that’s still a sizable community. Seeing as how most of those jailbroken iPhones are still going about their day with the default SSH password, it was only a matter of time before someone tried to make money from jailbroken iPhones.
This is what the hacker posted to his website:
“Dear iPhone user,
Your iPhone is not secure. That’s the reason your visiting this page, isn’t it? Well you can pay me $4,95 at my paypal account PureInfinity92@mailinator.com, and I’ll mail you very easy instructions on how to secure your iPhone. You can also contact me at PureInfinity92@gmail.com
If you don’t pay, it’s fine by me. But remember, the way I got access to your iPhone can be used by thousands of others. And they can send text messages from your number (like I did..), use it to call (or record your calls), and actually whatever they want, even use it for their hacking activities! I can assure you, I have no intention of harming you or whatever, but, some hackers do! It’s just my advise to secure your phone (: Have a nice day!”
The good news is that PayPal suspended his account with haste, making sure that the ill-intentioned teen couldn’t make any money from his scam. The hacker then posted a follow-up to his site, apologizing for his scam and offering his instructions to remove the message (and secure jailbroken iPhones) for free.
The lesson here? Change your jailbroken iPhone’s SSH password. Find out how to do that here.