BigBoss repository, one of the biggest and most popular repositories for jailbreak tweaks in Cydia, has reportedly been hacked by either an individual or a group of hackers.
Cydia is a software application for iOS that enables a user to find and install software packages on jailbroken iOS Apple devices such as the iPhone, the iPod Touch, and the iPad. Most of the software packages available through Cydia are free, but some require purchasing. The BigBoss repository is default repository in jailbroken iOS devices and has long been one of Cydia’s biggest and best, but it may have just been targeted by cybercriminals.
The hackers, who go by the name “Kim Jong-Cracks”, managed to gain access to all packages, including all paid as well as free, and made their own repository available with all BigBoss repository applications for free.
“The other post more than likely broke rule 1 because it linked the site directly. To anyone that didn't see the post the BigBoss repo was (supposedly) hacked by either an individual or group of people and they have a repo out there with all of BigBoss's packages (paid and free). Their proof.log shows that they have the original MD5 sums," the Reddit post suggesting BigBoss repository hack.
The hackers have named their site as ripBigBoss, which claims to offer all 13,954 BigBoss packages for free. As a proof to the hack, the hackers made the deb index and BigBoss database available for download, which contains a massive log file that have the names of all those packages with their MD5 sums.
The ripBigBoss website created by hackers uses Saurik's recent "Competition vs Community" as a motivation behind their activities, but it could be also an attempt to hide their actual identity. Additionally, they are promoting the use of #WhichSideAreYouOn and #SupportTheCompettition hashtags as well.
Kim Jong-Cracks claims to have injected those free packages with malware, but Jay Freeman commonly known as Saurik, the creator of Cydia, believes it untrue. Still, packages hosted by the original BigBoss repository is considered to be safe, however.
Saurik has confirmed to iDownloadblog that the injection of malware into the BigBoss repository is unlikely as the packages in Cydia repositories are verified from the repository package index.
“This article mentions malware being potentially injected into the BigBoss repository; we do not believe this to be the case, Saurik said in a statement to iDB. “Packages in Cydia repositories are cryptographically verified from the repository package index. I have an index of all historic changes to the package indices for default repositories, and have verified that the content on BigBoss did not change in ways that the repository administrators did not expect.”
But, we recommend you to avoid installing or updating any jailbreak tweak from the BigBoss repository. Also, those who have jailbroken their iOS devices are advised not to install or download any tweaks from ripBigBoss repository. Because, downloading such pirated tweaks on your iOS device might lead you installing malware on your devices.