Checkrain Fake iOS Jailbreak Leads to Click Fraud

upnorth

Attackers are capitalizing on the recent discovery of a new vulnerability that exists across legacy iOS hardware. Cisco Talos recently discovered a malicious actor using a fake website that claims to give iPhone users the ability to jailbreak their phones. However, this site just prompts users to download a malicious profile which allows the attacker to conduct click-fraud.

Checkm8 is a vulnerability in the bootrom of some legacy iOS devices that allows users to control the boot process. The vulnerability impacts all legacy models of the iPhone from the 4S through the X. The campaign we'll cover in this post tries to capitalize off of checkra1n, a project that uses the checkm8 vulnerability to modify the bootrom and load a jailbroken image onto the iPhone. Checkm8 can be exploited with an open-source tool called "ipwndfu" developed by Axi0mX. The attackers we're tracking run a malicious website called checkrain[.]com that aims to draw in users who are looking for checkra1n.

This discovery made headlines and caught the attention of many security researchers. Jailbreaking a mobile device can be attractive to researchers, average users and malicious actors. A researcher or user may want to jailbreak phones to bypass standard restrictions put in place by the manufacturer to download additional software onto the device or look deeper into the inner workings of the phone. However, an attacker could jailbreak a device for malicious purposes, eventually obtaining full control of the device.
 

[correlate]

Checkm8 iOS jailbreak used as lure in online scam
iOS users tricked into installing online games and told to "reach Level 8 in 7 days."
Threat actors are using the hype around the recently announced Checkm8 iOS jailbreak exploit to trick users into installing unwanted iOS apps on their devices.
These apps aren't malicious per se, but crooks are earning commissions from pay-per-install schemes.
This online scam is currently hosted on checkrain[.]com.
This malicious website is a clone of the authentic checkra1n[.]com, a website where a team of security researchers said they plan to publish the first user-friendly Checkm8 jailbreaking tool.
 
