Fake Jailbreak iXintpwn Crashes iPhone by Installing Malicious Profile

All news about Apple

Moderators: Lily Lee, jc_3u, Moderators

Grace Liu
Posts: 537
Joined: 20 Oct 2016 09:33
like: 65

Fake Jailbreak iXintpwn Crashes iPhone by Installing Malicious Profile

Postby Grace Liu » 21 Sep 2017 15:18

You can still use it for testing purposes to get an idea of how things work in the background. But remember, only do this if you know what you are doing.

What is iXintpwn?
iXintpwn/YJSNPI is a fake jailbreak that injects a malicious configuration profile on your device. It was developed by an amateur Japanese hacker, according to TrendLabs.

This jailbreak claims to jailbreak all devices running iOS 9.3.2-10.1.1 firmware.

iphonecrash.jpg
iphonecrash.jpg (39.37 KiB) Viewed 6028 times

Here’s how its installation process works –

  • A user visits iXintpwn’s website.
  • The website then signals the Safari web browser using Javascript to commence the download.
  • The Safari web browser automatically installs the profile. This profile is non-removable.
  • A new icon will now be present on your home screen.
  • Once you try to start this app, your Springboard will be full of such icons and it will crash consequently.

iXintpwn-1.jpg
iXintpwn-1.jpg (68.13 KiB) Viewed 6028 times

Although this is relatively harmless, a skilled hacker can make use of its exploit in a better manner.

Remember, a profile can control your WiFi/VPN Settings, route your traffic, credentials, etc. Therefore, this bug in unsigned iOS configuration profiles can give rise to something powerful that can actually prove harmful.

How to remove iXintpwn from your iDevice?
To remove this profile from your device, you must use the official Apple Configurator 2 app. This app comes with a few caveats, one of them is its limited compatibility.

It only supports Mac systems and doesn’t run on Windows out of the box. Therefore, you must create a Virtual Machine and then use it to remove this fake jailbreak.

ioshackers.jpg
ioshackers.jpg (29.09 KiB) Viewed 6028 times

While this doesn’t actually hack your device, it gives us yet another reason to ensure our devices remain secure. And by far the best to do that is to use only legitimate jailbreak tools developed by notable hackers.

Return to “Apple News”