Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Pangu iOS 7.1 jailbreaking tool opens up devices to compromise, researchers find

Under the right circumstances, a recently released jailbreaking tool for iOS 7.1 – Pangu – can be used by attackers to compromise Apple's mobile devices, according to mobile security company Lacoon.

Currently, running Pangu requires a physical connection between the mobile and a PC, according to a Wednesday post by Ohad Bobrov, vice president of research and development with Lacoon, who added that jailbreaking the device takes a couple of mouse clicks and a few minutes.

Since jailbreaking escalates privileges and enables the removing of iOS security mechanisms, an attacker could then install surveillance software on the iPhone or iPad, which can allow the bad actor to send text messages, intercept emails and data from banking applications, and record audio – all unbeknownst to the owner.

Pangu uses an Apple enterprise certificate to jailbreak iOS 7.1 devices, Bobrov wrote.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.