Google cybersecurity experts said the operation used hacked websites to implant malicious software in iPhones to access data, photos and user locations
iOS 13 brings a slew of new features to the iPhone. AFP / Josh Edelson

A call has been made to Apple’s iPhone users to be vigilant as an iOS hack disguising itself as a legit jailbreak has started deceiving iPhone 4S to iPhone X users. The click fraud is targeting iPhone users as it hides behind “checkra1n,” a recently released jailbreak feature and the names of known researchers such as CoolStar and Ian Beer.

Cisco Talos security researchers released an alert warning Apple iPhone users as they recently discovered that a targeted click fraud campaign is hiding behind the “checkra1n,” a successful jailbreak project that used checkm8 vulnerability to modify the bootrom and load a jailbroken image onto the iPhone.

How The Jailbreak-Disguising iOS Hack Works

The iOS hack uses the checkrain[.]com, a fake website is given as one on the list of options for Apple customers looking for “checkra1n.” iPhone users are asked to download the “mobileconfig” profile to acquire the jailbreaking functions.

The iPhone springboard displays an icon that looks like an app from a user’s perspective after the download. It turns out that the icon is a kind of bookmark that connects to a URL that asks users to verify their information. Users are then lead to multiple redirects that lead to multiple verification chains.

The expected iOS jailbreak preparation process ends up on an iOS game install offering in-app purchases. After the game installation, the users will receive a note telling them to have fun for seven days before the unlock completes.

How Can iPhone Users Protect Their Device From The iOS Hack

Since checkrain[.]com website can easily be mistaken as a website that would lead iOS jailbreakers to “checkra1n,” users must take note that the genuine feature’s real name is “checkra1n” not checkrain. It does not use an SSL certificate and requires a PC upon installation as it is exploitable via the Apple USB cable and requires the device to be in DFU mode.

Another indication is that the “checkrain” jailbreak only supports A5 to A11 chipsets run iOS devices, contrary to what the fake website claims that it can bypass even devices powered by A13chipsets.

How Far Has The iOS Hack Gone

Reports from the researchers say that the victims are iPhone users living in the U.S. and that the attack targets U.K., Australia, Canada, Egypt, France, Georgia, Italy, Iraq, Netherlands, Nigeria, Turkey, Venezuela, and Vietnam.