Looking for an iOS jailbreak? Beware of scammy offers
Users searching for a way to jailbreak an iDevice should be extremely careful not to fall for fake offers such as that on the taig9.com website.
TaiG is the name of a well-known untethered jailbreak for most devices on iOS 8.0-8.4, and scammers are exploiting the name to trick users into offering them donations.
“This fake jailbreak solution is dominating the top results on Google search, using well-known jailbreaking names to fool users, and receiving referrals on Reddit threads,” Symantec researchers warn.
The scammers have created a website spoofing that of TaiG (at taig.com), and claim that the Windows and Mac tools for the iOS 9.2.1 jailbreak will be released soon, but that the users can try a beta tool hat can execute a jailbreak through a browser of an iOS device.
Once a user starts the jailbreak process, he or she will be taken through a number of steps that will ultimately lead to the installation of two iOS configuration profiles and the creation of a shortcut linking to a fake Cydia webpage.
“This page is apparently designed to make users believe they have successfully jailbroken their phone and installed the real Cydia app,” the researchers point out.
In between the installation of the two configuration profiles, users will be asked to make a donation in order to access a “freemium” part of the app store from which the Cydia app can apparently be downloaded.
The popularity of this scheme can be deduced by this metric: Symantec says that at least 100,000 Symantec users were lured to the scammy pages. Whether those users have made a donation or not is unknown.
Jailbreaking Apple devices is generally a bad idea, as it makes them less secure than Apple intended. On the other hand, it allows users to install a wider variety of apps that Apple is comfortable with, and that is one of the reasons why some users take the plunge.
Users who are looking for a way to jailbreak their devices and believe they have found the perfect solution should check this list of community-reported scam sites before downloading anything.
The list is not complete, but it can come in handy, and gives an idea of how popular similar schemes are.