Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Carlanga

macrumors 604
Nov 5, 2009
7,132
1,409
ummm, I jb using the safari method, but I had my twitter account locked today due to suspicious activity which i found random. Funny thing is I don't post on twitter, I follow, so I only had one post. The password was super weak though, but its the only one w a weak password of my accounts.
 

Shirasaki

macrumors P6
May 16, 2015
15,535
10,800
I do remember the tool DOES recommend users to use a burner ID to download tools. Maybe the password should be a totally different one on any other account as well?

I am in iOS 10 so cannot jailbreak anyway but this scary me a bit.
 

NewdestinyX

macrumors 65816
Jul 19, 2007
1,069
534
I do remember the tool DOES recommend users to use a burner ID to download tools. Maybe the password should be a totally different one on any other account as well?

I am in iOS 10 so cannot jailbreak anyway but this scary me a bit.
Actually you CAN downgrade to 9.3.3 and jailbreak.
 

Shirasaki

macrumors P6
May 16, 2015
15,535
10,800
Actually you CAN downgrade to 9.3.3 and jailbreak.
Yeah I know I have a month to do so.
But I have lost all my iMessage history thanks to the previous downgrade and I have no method to recover previous message history.

I will be really reluctant on this one.
 

bandofbrothers

macrumors 601
Oct 14, 2007
4,779
328
Uk
I read this and laughed. Why you would you run software from unknown and untrusted sources? It boggles the mind.


Isn't that what jailbreakers do every time they initially JB. ;)

Difference this time is the additional need for an Apple ID for the certificate when processing this via a computer.

There's sketchy proof that this JB via computer has instigated breaches.

If this was intended then IMO there would have been a massive one breach at approximately the same time.

I JB via the Safari method and have had no breaches. I change all my passwords frequently anyway.

The Reddit thread that seemed to set this snowball rolling reads that the Op isn't themself clear if this was the culprit and wasn't hit by any form of keylogger and Saurik himself has commented about Pangu and people possibly using the same password for multiple log ins.

A few well known JB Devs have de constructed the JB tools and found nothing worrying.

I assume you do not JB ?
 

ielessar

macrumors regular
Apr 29, 2015
226
63
WJ
I don't think it's because of the jailbreak.

Also, I provided an Apple ID that I don't use. Just made on up.
 
  • Like
Reactions: N8erB

NewdestinyX

macrumors 65816
Jul 19, 2007
1,069
534
The guy that got his PayPal hacked for all of "$15" - it had absolutely nothing to do with this jailbreak. Saurik said it himself. Pure coincidence.
 

sawah

macrumors 65816
Sep 13, 2010
1,126
686
My question is this. What about the people who used the Chinese Windows tool and it didn't ask for an Apple ID? Have any of them been hacked?
 

vertsix

macrumors 68000
Aug 12, 2015
1,619
4,206
Texas
The only thing that worries me is that this is a breach on device.

Sure, installing a jailbreak ultimately decreases the security of your device, but as far as I can recall there has never been a significant breach on an iOS device in terms of malware or spyware.

It's been five days since I've jailbroken via Safari (deleted the PPStore immediately after I jailbroke through Cydia) and I haven't had anything compromised.

I also looked through LaunchDaemons and searched for any instances of "PP" on the filesystem on my phone, and haven't found anything notable.

All that's left is to monitor the network usage from my phone (packets sent and received) and check the running processes just to be completely sure.
 

flameproof

macrumors 6502a
Jan 14, 2011
615
18
I am a bit curious, how can the Pangu guys steal from your credit card? When I use Chrome i.e., it auto-enters the full card details, but without the CVV code, that I need to enter manually. Will iOS store your CVV # too? Or do the record and transmit touch/keystrokes?

Wouldn't that mean that only those people are at risk that used their CC or Paypal after the Pangu JB?
 

erayser

macrumors 65816
Apr 9, 2011
1,252
1,179
San Diego
They can't - it's all hype.. Nonsense..

I don't know about that... after jailbreaking I noticed one of my credit cards was replaced with this...

pangucc2.png
 
Last edited:

Loadsled

macrumors newbie
Jul 27, 2016
29
52
I got hit with a $14.99 iTunes charge on my credit card after using the Windows English tool with burner ID. I haven't bought anything and have no active subscriptions. When I go into iTunes and see past purchases, nothing for that amount. Emailing Apple to see what it's about.

Edit: ignore this. Nothing compromised.
 
Last edited:

kalirob99

macrumors 68000
Dec 24, 2008
1,699
134
California
I got hit with a $14.99 iTunes charge on my credit card after using the Windows English tool with burner ID. I haven't bought anything and have no active subscriptions. When I go into iTunes and see past purchases, nothing for that amount. Emailing Apple to see what it's about.
From what Saurik said, doubt it's connected. Unless you got the tool from a dodgy site.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.