
Cydia


Extensify: a simple and easy-to-use tweak store for non-jailbroken iPhones [Video]


Extensify is a highly anticipated app release from developers Majd Alfhaily and Kevin Ko that’s been in the works for quite some time. This weekend it will finally be launched as a part of a limited rollout.

Extensify is best described as a tweak store that allows you to change the properties of App Store apps. Unlike tweaks that require your iPhone to be jailbroken, Extensify works without needing a jailbreak. This is made possible by Apple’s decision to allow users to sideload iOS apps. Have a look at our hands-on video walkthrough inside for more details.

Jailbreak How-To: Play a Space Invaders-inspired game right from your iPhone’s SpringBoard


SpringInvaders is a $0.99 jailbreak tweak for jailbroken iPhones that just launched today. It’s very obvious that the game gets its inspiration from Space Invaders, the classic arcade title. Instead of taking out aliens, however, gamers are tasked with shooting down enemy ships that turn out to be modified versions of the app icons installed on your iPhone.

Your own ship is moved from side to side using the iPhone’s accelerometer, and a tap on the screen causes your ship to shoot tiny app icon bullets at enemies. Have a look at our video walkthrough to see SpringInvaders in action.


Pangu releases first untethered jailbreak for iOS 9, includes support for iPhone 6s


Pangu has today released the first public untethered jailbreak for iOS 9, which can be installed on iPhone, iPad or iPod touch. This includes the latest iPhone 6s and iPhone 6s Plus and every public version of iOS 9 (iOS 9.0, iOS 9.0.1 and iOS 9.0.2), meaning it’s now technically possible to reach beyond what’s possible in the Apple App Store on Apple’s latest devices. The jailbreak software is available for free, but right now there’s only a Windows installer available. Mac support will probably follow in the future but a date has not been announced.



iOS jailbreak malware stole 225,000 Apple IDs across 18 countries, but it’s unlikely you’re at risk


Researchers from Palo Alto Networks have discovered that a piece of iOS malware successfully stole more than 225,000 Apple IDs and passwords from jailbroken phones, using them to make purchases from the official App Store. The malware, dubbed KeyRaider, also has the ability to remotely lock jailbroken iOS devices in order to hold them to ransom.

These two tweaks will hijack app purchase requests, download stolen accounts or purchase receipts from the C2 server, then emulate the iTunes protocol to log in to Apple’s server and purchase apps or other items requested by users. The tweaks have been downloaded over 20,000 times, which suggests around 20,000 users are abusing the 225,000 stolen credentials.

However, it’s extremely unlikely that you’re at risk: the malware can only run on jailbroken devices, and appears to spread through only one set of Cydia repositories, run by Weiphone.

The malware was used in two tweaks that allow those running them to download paid apps and make in-app purchases from Apple’s official App Store without payment. The tweaks used the stolen credentials to make the purchases.

If you think your iPhone or iPad may be at risk, Palo Alto Networks has provided the following instructions to detect and remove the malware. Further details over at the company’s lengthy blog entry.

Users can use the following method to determine by themselves whether their iOS devices were infected:

  1. Install openssh server through Cydia
  2. Connect to the device through SSH
  3. Go to /Library/MobileSubstrate/DynamicLibraries/, and grep for these strings in all files under this directory:
     • wushidou
     • gotoip4
     • bamu
     • getHanzi

If any dylib file contains any one of these strings, we urge users to delete it and delete the plist file with the same filename, then reboot the device.

We also suggest all affected users change their Apple account password after removing the malware, and enable two-factor verification for Apple IDs.

The company also notes that not jailbreaking iOS devices is the only way to protect against such exploitation.
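
The string check from the instructions above can be scripted once you are connected over SSH. This is an added example, not code from Palo Alto Networks or this article; the function names `scan_substrate_dir` and `make_sample_dir` are hypothetical, and the sample files are constructed stand-ins, not real malware.

```sh
#!/bin/sh
# Added example: automate the KeyRaider string check described above.
# The four marker strings are the ones listed in the instructions.
KEYRAIDER_STRINGS="wushidou gotoip4 bamu getHanzi"

# scan_substrate_dir [DIR]
# Prints "<file><TAB><matched strings><TAB><same-name plist or ->" for every
# regular file in DIR that contains at least one marker string.
# Exit status: 0 = at least one hit, 1 = clean, 2 = directory missing.
scan_substrate_dir() {
    dir=${1:-/Library/MobileSubstrate/DynamicLibraries}
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    scan_rc=1
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        hits=""
        for s in $KEYRAIDER_STRINGS; do
            # -F: fixed string, -q: exit status only (also works on binaries)
            if grep -qF -- "$s" "$f"; then
                hits="${hits:+$hits,}$s"
            fi
        done
        [ -n "$hits" ] || continue
        # The instructions pair each dylib with the plist of the same name.
        base=${f##*/}
        plist="$dir/${base%.*}.plist"
        [ -f "$plist" ] && [ "$plist" != "$f" ] || plist="-"
        printf '%s\t%s\t%s\n' "$f" "$hits" "$plist"
        scan_rc=0
    done
    return $scan_rc
}

# Constructed sample directory so the script can be tried off-device.
# File names and contents are made up for illustration.
make_sample_dir() {
    d=$(mktemp -d) || return 1
    printf 'MachO\0\0padding getHanzi more\0bamu\n' > "$d/SampleTweak.dylib"
    printf '<plist/>\n' > "$d/SampleTweak.plist"
    printf 'MachO\0\0harmless strings only\n' > "$d/CleanTweak.dylib"
    printf '<plist/>\n' > "$d/CleanTweak.plist"
    echo "$d"
}

demo=$(make_sample_dir)
scan_substrate_dir "$demo" || true
rm -rf "$demo"
```

On a device, call `scan_substrate_dir` with no argument to scan the default directory. Short markers such as `bamu` can also occur in unrelated binaries, so review each reported file before deleting it.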

Via Re/code

Pangu jailbreak for iOS 8.0-8.1 now “stable enough” for use, says Cydia creator


[tweet https://twitter.com/saurik/status/530454505994076161]

Cydia creator Jay Freeman (better known as Saurik) has tweeted that the Pangu jailbreak for iOS 8.0 to 8.1 is now “stable enough” for use.

We first saw a developer version of the jailbreak last month, with a user version released a week later, complete with Cydia installer. The installer is Windows-only, but it’s an untethered jailbreak, so once it’s done you won’t need to reconnect to a PC following a reboot … 

iOS 8 jailbreak Pangu now comes with Cydia installer and English support for the masses (Update)


When the iOS 8 jailbreak tool Pangu was released earlier this month for iPhone, iPad and iPod touch, it still had some rough edges such as no one-click solution to install Cydia or support for English. Fortunately, the Pangu tool for Windows now includes a Cydia installer and English support for the masses.

How to jailbreak iOS 7.1 and 7.1.x with Pangu (Video)


Pangu is a new untethered jailbreak tool for iOS 7.1 and 7.1.1 that was recently released for Windows. There’s no current ETA on an OS X version (an OS X version is now available), but after some initial testing, we’ve determined this to be a legitimate tool for jailbreaking iOS 7.1 and up. The process does seem a bit shady, but we have yet to experience any issues with it. The Pangu iOS 7.1-7.1.X jailbreak is compatible with all iOS 7 devices.

Keep in mind, this tool is from an unknown team and we’re unsure of the long-term reliability of the jailbreak and exploits used. Proceed at your own risk, but like I mentioned above, everything seems to be working as advertised…



ActiveBoard jailbreak tweak is a beautiful way to stay on top of missed notifications and running apps (video)


ActiveBoard is a new tweak for iOS 7 that adds a couple of useful features to the home screen. Using a pulsating glow behind app icons, ActiveBoard will let you know if an app has a notification or is running in the background. A red glow and bouncing animation will indicate a missed or unread notification, while a white glow informs you of the app’s background status.



Review: Stride 2 jailbreak tweak brings a customizable gesture-based passcode to iOS 7 devices


If you’ve been around the jailbreak community for a while, it’s possible that you’re familiar with the popular iOS 5/6 gesture-based lock screen tweak Stride. This tweak worked as a lock screen passcode alternative and allowed users to set a custom gesture to unlock an iOS device.

Created by the popular tweak developer Adam Bell, Stride is making a comeback and is fully compatible with iOS 7 devices. This exciting release provides a very similar experience, but has been given a very clean makeover. This results in a beautiful native-like iOS 7 gesture-based lock screen and I just can’t get enough of it.




Chinese iOS malware stealing Apple IDs and passwords from jailbroken devices


Security researcher Stefan Esser (via ArsTechnica) has discovered that an issue reported on Reddit as causing crashes on jailbroken iPhones and iPads is actually a piece of malware designed to capture Apple IDs and passwords from infected devices.

This malware appears to have Chinese origin and comes as a library called Unflod.dylib that hooks into all running processes of jailbroken iDevices and listens to outgoing SSL connections. From these connections it tries to steal the device’s Apple-ID and corresponding password and sends them in plaintext to servers with IP addresses in control of US hosting companies for apparently Chinese customers.

Early indications are that the source of the malware is likely to have been from a tweak downloaded from somewhere outside of Cydia. Esser has identified that the code only runs on 32-bit devices, meaning that the iPhone 5s, iPad Air and iPad mini with Retina display are safe, while other devices are vulnerable.

The blog post says that the malware is easy to check for, but may not be easy to remove. Using SSH/Terminal, check the path /Library/MobileSubstrate/DynamicLibraries/ for the presence of either Unflod.dylib or framework.dylib.

Currently the jailbreak community believes that deleting the Unflod.dylib/framework.dylib binary and changing the apple-id’s password afterwards is enough to recover from this attack. However it is still unknown how the dynamic library ends up on the device in the first place and therefore it is also unknown if it comes with additional malware gifts.

We therefore believe that the only safe way of removal is a full restore, which means the removal and loss of the jailbreak.

Cydia developer Jay Freeman, aka Saurik, pointed out on Reddit that adding random download URLs to Cydia is as risky as opening attachments received in spam emails.

Play Nintendo DS games on non-jailbroken devices with the nds4ios emulator


nds4ios has released a special version of the app that runs on non-jailbroken devices using a sneaky workaround. As the app is not available in the App Store, previously the app could only be installed on jailbroken devices, such as through the Cydia jailbreak app store. The app gets around Apple’s restrictions by using an enterprise provisioning profile, reports TouchArcade. This is normally meant for businesses to distribute apps to company employees, but nds4ios is exploiting it as a way to enable widespread app distribution. Find install instructions after the break.




Evad3rs team again addresses iOS 7 jailbreak concerns: no money exchanged, disappointed w/ cracked release


After much controversy surrounding the surprise release of a public iOS 7 jailbreak from well-known jailbreakers the evad3rs, the team has published another open letter to clear up some questions and concerns related to the release.

The biggest questions many are still asking are related to why and how the group made a deal with Taig, an app store of sorts that was installed on jailbroken devices in China, while not including an updated Cydia store in the release. While the group cleared up much of the situation in its first letter and removed Taig following piracy concerns, the latest letter addresses questions specifically regarding if any money was exchanged with Taig. It also expresses disappointment that the company released a cracked version of the jailbreak.

The full letter is below:

Privacy and Taig

First and foremost, and of utmost concern, is privacy. No one’s data was ever sent anywhere. Of course, as a member of the community whose work frees devices, it would be against everything we’ve worked for the last 7 years to jeopardize the security of the users of our software. To reiterate, no Taig software was installed unless the computer’s language was set to Chinese. Furthermore, no Taig software would run unless the user opened the Taig application.

After rumors abound of encrypted data being sent for users in China who’ve installed Taig, we decided to do what we do best – reverse engineer the code of Taig to understand what was being sent. Taig transmitted data similar to what Cydia transmits. Unique device identifiers were transmitted in encrypted form similar to how Cydia uses SSL to protect the privacy of its users. Taig did not transmit any private user data from the devices at all.

Piracy and Taig

Our written and verbal agreement with Taig banned it. They assured us it was not in there. We did not check every package in their store but a cursory examination before release found no problems. However, after investigation and after notification from the community, we found examples, including pirated tweaks, Apple App Store apps, and even pod2g’s PodDJ app. We dropped the ball on this. While we at first did not believe Taig purposefully violated our agreement, the depth of the transgression against the software developers and the jailbreak community cannot be overlooked and we could not move forward after that even if it were fixed. We terminated our relationship with them. We are very disappointed that they have decided to put up a cracked version of the jailbreak on their site that installs Taig. We did not give them any permission or source code.

We have refused all monies from Taig

There have been a lot of rumors listing various amounts we’ve been paid. We have received no monies from any group, including Taig. We will not be accepting any money. Our donations are being given to Public Knowledge, Electronic Frontier Foundation and Foundation for a Free Information Infrastructure to help protect jailbreaking as your legal right.

Jailbreak Updates

We are working hard to fix the problems with the jailbreak. Unfortunately, it’s the holidays and we would like to spend time with our friends and family. The events of the last couple of days have been extremely stressful for us and we need some time to recover. We will work as hard as we can to resolve any remaining issues. Thank you for your understanding.

We worked very hard to bring this jailbreak free of charge to the community. We hope you can all enjoy it.

evad3rs

Cydia app for jailbroken devices updated with iOS 7 look and feel

Jailbreaking may be for those who want the freedom to step outside of what Apple has decided iOS devices should do, but even jailbreakers are not immune to the influence of the company’s design guidelines, it seems.

The Cydia app, which allows users of jailbroken iPhones and iPads to install software not available on the App Store, has been updated with a flat look, bright colors and translucent overlays in line with iOS 7. This follows the surprise release of an iOS 7-compatible untethered jailbreak by the Evasi0n team.

There’s perhaps a small amount of rebellion in the fact that the app’s icon has not yet been updated to an iOS 7 look.

A thank-you for help with the new look was tweeted by @saurik. Video of the new app below the break …



iOS 7 jailbreak installs pirate App Store if your device language is Chinese (updates)


Screenshot by @saurik (https://twitter.com/saurik/status/414810297937838080).

(Updates below)

This morning, the evad3rs released the first public iOS 7 jailbreak. At the time, it seemed like something was off because other key members of the community had not been informed of the upcoming release. For instance, Jay Freeman (@Saurik on Twitter) had not been notified and as such the version of Cydia bundled was not official or up-to-date.

It turns out, however, that more questionable activity has taken place. The evasion jailbreak includes a Chinese ‘alternative’ app store, which is full of cracked versions of real apps and games found in Apple’s App Store.



Developer hacks iOS to route notifications through Google Glass (video)


An iMessage notification sent to Glass

Adam Bell (@b3ll), a well-known developer for many software platforms, has figured out a way to route all notifications from an iOS device through Google Glass. The implementation, even in its early stage, seems to work quite well. Bell notes that all notifications, such as iMessages and Tweets automatically are shown via the Google Glass interface. Video and more details below:




evasi0n jailbreaks record 7M iOS devices in four days

We previously told you that around 1.7 million people had used the new evasi0n tool to jailbreak their iOS device, according to stats from Cydia installs. Today, we get a little update on the progress: Jay Freeman told Forbes that Cydia recorded over 7 million devices, as of last night, and “insanely more new traffic” than the release of iOS 5’s Absinthe jailbreak tool and others before it.

As of Thursday night, Freeman’s alternative app store had received visits from 5.15 million iPhones, 1.35 million iPads, and 400,000 iPod touches that were jailbroken with evasi0n, the first jailbreaking software for the iPhone 5 and iOS 6.1.

Freeman says that evasi0n has brought Cydia “insanely more new traffic” than the release of the jailbreak tool called Absinthe that worked on some versions of iOS 5. And even Jailbreakme3, the popular web-based jailbreak released by iPhone hacker Comex in the summer of 2011, was only used on 1.4 million devices in its first nine days online.


evasi0n Jailbreakers reveal the incredibly complicated methods they used to Jailbreak every Apple iOS device

Forbes posted an article on Tuesday that gave some updates on the highly successful launch of the evasi0n jailbreak tool straight from its creators. After having officially released the jailbreak yesterday at noon, according to stats from Cydia’s Jay Freeman, around 1.7 million people have decided to jailbreak their iOS device. Perhaps more interesting is a description of how exactly the four members of the evad3rs team were able to get the job done. Team member David Wang, aka @planetbeing, walked through the process with Forbes:

Evasi0n alters the socket that allows programs to communicate with a program called Launch Daemon, abbreviated launchd, a master process that loads first whenever an iOS device boots up and can launch applications that require “root” privileges, a step beyond the control of the OS than users are granted by default. That means that whenever an iPhone or iPad’s mobile backup runs, it automatically grants all programs access to the time zone file and, thanks to the symbolic link trick, access to launchd.

Wang described the entire process from finding the initial exploit in the iOS mobile backup system to accessing Launch Daemon and getting around code signing and restrictions at the kernel layer:

Once it’s beaten ASLR, the jailbreak uses one final bug in iOS’s USB interface that passes an address in the kernel’s memory to a program and “naively expects the user to pass it back unmolested,” according to Wang. That allows evasi0n to write to any part of the kernel it wants. The first place it writes is to the part of the kernel that restricts changes to its code–the hacker equivalent of wishing for more wishes. “Once you get into the kernel, no security matters any more,” says Wang. “Then we win.”

Go to Forbes to read Wang’s entire step-by-step description of the jailbreak process for evasi0n.

Here’s another third-party analysis. The verdict is the same: incredible work.

Today’s iPhone 5 Evasi0n Jailbreak sees record numbers: Here are 10 cool things to do with your newly-Jailbroken iOS device


If you have not jailbroken an iOS device in a while, you might wonder what all the excitement is surrounding today’s launch of the evasi0n jailbreak tool for iOS 6. (Note: Some people are having issues with the default Apple Weather app after install.)

[tweet https://twitter.com/MuscleNerd/status/298543670888644608]

Over the years, many features that were once jailbreak-only made their way to iOS or via third parties through the App Store. However, there are still many things you can do with jailbreak tweaks that aren’t possible on non-jailbroken devices. With over 270,000 active users at any one time on evasi0n today, we put together a list of some of the most interesting and useful tweaks that caught our attention in recent months:


Jailbreak tweak augments Siri with Google Voice Search (Video)


[youtube=http://www.youtube.com/watch?feature=player_embedded&v=e54gK0UpAxs#!]

The Google Now-like voice recognition features introduced to the Google Search for iOS app last month have been getting a lot of attention. Maps might not be the only area where Apple cannot compete with Google. As highlighted in a video comparison we posted earlier this week, Google’s voice search feature has Siri beat. And many users are taking note. Today, AppAdvice pointed us to a new Jailbreak tweak called “NowNow” that allows you to call up Google voice search (from within the Google Search iOS app) by holding down the Home button—just like Siri. It appears you can also select alternate methods to invoke the feature, so you should be able to continue to use both if you want. The tweak is available via the BigBoss repository now for free.

