Jailbroken iPhones Ransomed by Dutch Hacker
On the other hand, we doubt jailbreaking will end life as we know it, as Apple believes.
According to a forum post, the hacker broke into jailbroken iPhones on T-mobile Netherlands. Typically, SSH is turned on for jailbroken iPhones, allowing a user to log in via Terminal and run standard UNIX commands.
However, if you want to do that, you really need to change the default root password. As is the case with many routers, which can be broken into the same way if unprotected, iPhones all have a default root password that many forget to change after jailbreaking.
If a user visits the website (since taken down), he is directed the user to send €5 to a PayPal account, after which the hacker will e-mail instructions to remove the hack. Or you could just restore your phone and jailbreak again.
Of course, he's just trying to be helpful, he says. "If you don't pay, it's fine by me. But remember, the way I got access to your iPhone can be used by thousands of others—they can send text messages from your number (like I did), use it to call or record your calls, and actually whatever they want, even use it for their hacking activities! I can assure you, I have no intention of harming you or whatever, but, some hackers do! It's just my advice to secure your phone."
There are two ways to secure your jailbroken iPhone. You can turn off SSH when you are not using it (SBSettings is a well-known app for jailbroken phones you can use for this), and / or you can change your root password. For that, you can use MobileTerminal (another well-known app).
At any rate, this is just another warning to jailbroken iPhone users. While jailbreaking opens up a wealth of applications you can't get otherwise, there are things you need to be cautious about.