BigBoss repo hacked, deb index and database goes available for download

bigboss-repo-hacked

Last night, one of the major repository of Cydia store i.e. BigBoss repo has been hacked! The identity of the hackers is unknown yet. As per details, the hackers have made use of Saurik’s recent ‘Competition vs Community’ as their motivation, using #WhichSideAreYouOn and #SupportTheCompetition hashtags to support their acts.

The hackers were able to gain quite significant access to BigBoss repo. They were able to make deb index and databases available to download. Not only this, the hackers even created a new repo with all BigBoss hosted tweaks.

Like all previous security lapses, we recommend you not to download tweaks from this new repo as it may contain malwares. These malwares can acquire your personal information. The users should try to reach out of these pirated tweaks. At this time, we will advise you not to download or install any tweaks from Cydia’s BigBoss repo.

Saurik has just given following statement on BigBoss repo hack,

This article mentions malware being potentially injected into the BigBoss repository; we do not believe this to be the case. Packages in Cydia repositories are cryptographically verified from the repository package index. I have an index of all historic changes to the package indices for default repositories, and have verified that the content on BigBoss did not change in ways that the repository administrators did not expect.

Keep in touch as we will keep you updated regarding the story!