General Software

The Trojan In Free Jailbreak Tweak Can Steal Revenues Through Google’s AdMob

Ali Salman
Add Wccftech on Google Comments

With every iOS update, hackers begin their quest for a jailbreak which they eventually achieve. The major reason why some users choose to jailbreak is customization beyond iOS boundaries that the stock version fails to provide. From changing visual appearance of the user interface to enhancing functionality, Cydia has been a good source for providing tweaks and packages.

ios

However, some tweaks have functionality that extends in functionality beyond their original purpose. They may be harmful and malicious to your device and not installing them is a viable option. Recently, 'Lock Saver' free tweak appeared on Cydia that has some adverse effect which we will be telling you about. The tweak has been made available by ModMyi's repo that switches off battery consuming aspects of your device while it is locked.

Lock Saver Installs Malicious Files That Can Interfere With Device Permissions

However, the device is said to contain a trojan that even exists after you remove the tweak. The trojan sticks to your Google's AdMob and steals revenues which are generated from the host device. It also collects UDIDs and sends them to a remove server destination. When a user installs the Lock Saver, the tweak copy's trojan files to the following destination: /Library/MobileSubstrate/DynamicLibraries/ .

Developer Alan Kerr states that the tweak makes the directory (/Library/MobileSubstrate/DynamicLibraries/) writable as Service.dylib is installed at runtime. This changes the permission to 777 which initially should be 755, so in case you are infected you would have to change it back. You can change the permission using iFile if you want to halt any untrusted and unauthorized files from being installed automatically.

free tweak

If you have Lock Saver installed, remove it immediately. After you do so, the free tweak leaves behind two malicious files namely, 'Service.plist' and 'Service.dylib'. You will have to iFile to remove these files from the following location: /Library/MobileSubstrate/DynamicLibraries/ . Good for us the free tweak has been removed from ModMyi's repo and we would recommend users not to install it. This is it for now, folks. Let us know in the comments section below if your jailbroken device has been infected with the Lock Saver trojan.

Ali Salman Photo

About the author: Ali Salman is a technology reporter for Wccftech mobile section with a specialized focus on Apple and the intellectual property that drives mobile innovation. He has cultivated a unique expertise in analyzing and deconstructing complex technology patents, translating dense legal and technical documents into clear, insightful reports on future products.

Follow Wccftech on Google to get more of our news coverage in your feeds.

Further Reading

AT&T faces massive data breach as phone records of nearly all customers get hacked and stolen

AT&T Faces A Massive Data Breach As Hackers Steal Phone Records Of Nearly All Customers

Ali Salman
Developers can request apple to gain access to additional hardware and software features on iPhone after iOS 17.4 update

Developers Can Now Request Apple To Access Additional Hardware And Software Features On iPhone

Ali Salman
iOS 17 Cinematic Mode API for apps

Third-Party Apps Will be Able To Take Advantage Of iOS 17’s Cinematic Mode Video Using New API

Ali Salman
WWDC 2023 event schedule announced for developers

Apple Announces WWDC 2023 Schedule For June 5 And Event Start Time

Ali Salman

Trending Stories

Popular Discussions

Button