The sole purpose of earlier years, a lot of iPhone jailbreak is to install third-party input method, iOS is now fully open API interface, the ime jailbreak users also gradually reduced. But there are still many players to install third-party plug-in is reluctant to part with prison break.
WooYun.org has revealed that white hat based on the analysis of a red envelope plugins found that Chinese some iOS App/plug-in development team up accounts in silently steal users from prison and text passwords, and record on the remote server.
It is reported that more than 220000 up to the information such as password were stolen from me many built-in back door iOS plugin (jailbreak iPhone real espionage case). Verified, these stolen up account can login, all kinds of information such as email, photo all can leak.
According to speculation, developers stealing them up account there may be three main purpose: 1, brush AppStore list; 2, privacy to steal; 3, malicious lock machine extortion.
At present, the vulnerability has been passed on to third parties (many countries Internet emergency center), is a cooperative organization processing.
Prison break is risky, plug-ins need to be careful.