Pangu Pushes New Jailbreak for iOS 8

Today, a jailbreak for iOS 8 and 8.1 was released by Pangu, the same team that released a jailbreak for iOS 7.1 shortly after its release earlier this year.

Pangu should concern us – the security community, enterprises, and consumers alike – because it represents a major technology leap, ultimately removing the barrier for attackers to create sophisticated mobile-targeted attacks on the latest release of iOS.

If you are a Lacoon customer, you are already protected against the threat of jailbroken devices and detection of apps that haven’t been validated by Apple’s app verification program. (For more information, please email [email protected])

What is jailbreaking?

Jailbreaking removes all of the security mechanisms Apple has built-in to an iOS device. This ultimately allows a user — or an attacker — to install apps that aren’t scrutinized under Apple’s control. These apps can be installed  from any app marketplace – not just from Apple’s proprietary App Store.

Furthermore, on a jailbroken iOS device, the installed apps are not restricted in their capabilities either. As a result, there’s no enforcement over what these apps can do. They can snoop on contact lists, retrieve sensitive email messages and docs, and even turn on the microphone and camera without the user’s knowledge or consent.

Why would I jailbreak my iPhone or iPad?

One of the primary reasons is that jailbreaking your iOS device allows you to install apps from marketplaces other than the Apple App Store. It also allows you to tweak settings and make adjustments to your device that aren’t available without jailbreaking it. The benefit is that sometimes gray-market apps are lower cost, free, or simply not found in the App Store, but the risk is that they may pose a security threat to the device and its data.

How do I use Pangu to jailbreak my iPhone or iPad?

Jailbreaking an iOS device is fairly straightforward.

Screen Shot 2014-10-22 at 1.43.12 PM

  1. Download and install the Pangu jailbreak tool on a personal computer.
  2. Disable iCloud Find My iPhone and device pin code.
  3. Once an iOS device is connected to the computer, the tool detects the device type and can start the jailbreaking process.
  4. During the jailbreak process, the device will reboot twice.
  5. That’s it, the device is jailbroken!

Could someone jailbreak my iPhone or iPad without my knowledge?

Absolutely. With physical access to a device, an attacker with the tool can easily, quickly and efficiently jailbreak an iOS device as part of a targeted attack. For example, someone who wants to spy on or steal information from a family member or business associate could install the jailbreak without their knowledge. All they would need is a moment alone with the device and a computer.

Can a user detect that a device is jailbroken?

Not necessarily. A user may visually notice on the jailbroken device a Cydia app, which leads to the Cydia marketplace – an unofficial iOS app marketplace. However, the process of jailbreaking a device does not require the installation of the Cydia app, and in the latest Pangu jailbreak, Cydia isn’t yet included. Instead, an alternate Chinese app marketplace is installed .

Screen Shot 2014-10-22 at 1.41.29 PM

If I use my iPhone or iPad for work, can jailbreaking put my employer’s data at risk?

Enterprises can suffer from a visibility issue if they don’t know which of their employee devices are jailbroken. Even solutions that help manage BYOD like Mobile Device Management (MDM) solutions and secure containers aren’t always effective because there are frameworks that bypass their jailbreak detection mechanisms. Encryption-enabling apps or encrypted docs are also hindered by jailbroken devices because the underlying security mechanism they rely on are no longer there.

Which Apple devices are at risk?

Any iPhone or iPad running iOS 7.1 or later can be jailbroken using the new Pangu tool, including:

  • iPhone 6
  • iPhone 6 Plus
  • iPhone 5S and 5C
  • iPhone 4S
  • iPad 2
  • iPad 3
  • iPad 4
  • iPad Air
  • iPad Mini
  • iPad Mini with Retina Display

Can Lacoon mitigate the threat to enterprises posed by jailbroken devices?

Yes! With the Lacoon Threat Management Platform, enterprises can:

  • Identify unauthorized or unvalidated Apple apps installed using certificates, but that are not approved by the enterprise
  • Detect jailbroken devices by analyzing app processes and workflows

Screen Shot 2014-10-22 at 1.41.51 PM

Where can I get more information on iOS-based targeted attacks?

We recommend you view our short YouTube video, Top 5 Cyber Risks on iOS Devices. Or, if you prefer, you can visit the Resources section of our website to download a variety of articles and other publications by the Lacoon Research Team.