How to Protect iOS Apps against Jailbreaking using Jailbreak Prevention

Jailbreak Prevention for iOS Apps:  Learn how to protect iOS Apps against Jailbreaking and Jailbreak tools and tools like CheckRa1n, Unc0ver, Chimera, Cydia, PlankFilza, MarronJB, Zylon.

What is iOS Jailbreaking?

Jailbreaking is the process of unlocking the iOS operating system on an Apple mobile device. Jailbreaking is a form of administrative privilege escalation, which bypasses Apple’s restrictions, resulting in full administrative control over the OS (the highest level of administrative privilege possible).  Jailbreaking is often accomplished by exploiting bugs in Apple’s software/firmware or modifying system kernels to allow read and write access to the file system. Jailbreaking is one of the primary methods/tools for every hacker – both black hat hackers and white hat hackers (eg: penetration testers or security researchers). They all use Jailbreaking in similar ways (to compromise the security model of mobile devices, OSs and apps). The main difference is that black hat hackers have malicious intent, while white-hat hackers generally have non-malicious intent.

Here are the Top 5 reasons people Jailbreak iOS: 

  1. To bypass Apple’s restrictions and install software Apple doesn’t support or sanction.
  2. To change the behavior of the OS in ways that Apple does not support
  3. Developers Jailbreak iOS to access and or modify the file system, test new app builds, install a wider variety of software programs to test their app to validate the security model of their app, etc
  4. Gamers or hackers Jailbreak iOS to access alternative app stores like Cydia or Sileo. These repositories allow for the installation of game mods, tweaks, cheat tools, and more advanced hacking tools.
  5. Pen testers and Hackers Jailbreak iOS to gain an advantage in compromising the security model, to expose weaknesses in mobile app protections, to disable anti-tampering or other security protections, to turn off security SDKs that have been hard-coded to the app.

Whatever the intent, Jailbreaking makes every hacker’s job much easier by providing a significant advantage to compromise the security model, due to the elevated level of privilege and full administrative control that Jailbreaking enables. You can think of Jailbreaking as a ‘gateway’ hacking tool: In other words, Jailbreaking is a fundamental hacking tool that enables more advanced hacking tools or methods, for example:

  • Jailbreaking makes it possible to obtain or use more advanced hacking tools (unfettered access to alternative repositories like Cydia, where hackers can obtain tweaks, mods, fake apps, clones, or get access to more powerful hacking or cheating tools).
  • Using Jailbreaking, hackers can achieve more powerful outcomes with just about any tool (e.g.: use FRIDA to perform dynamic code injection, function hooking, method swizzling. These are all methods by which hackers alter the logical control flows of a mobile app to replace intended app behaviors with their own malicious behaviors.
  • Jailbreaking enables hackers to use a much more extensive variety of hacking methods (e.g., use emulators to alter memory and bypass in-app purchases in mobile games, to disable mobile advertising SDKs, to set-up a malware beacon inside the app)
  • Jailbreaking makes it easier to bypass security controls or protections (e.g.: disable anti-tampering protections, turn off digital rights management checks, disable mobile threat detection (MTD) SDKs in the source code.

Jailbreaking results in a compromised security model, where you cannot trust any signals coming from the device (because on a Jailbroken device, the hacker is in control and change modify the signals to achieve their desired outcome). And while many of the above methods are still possible without Jailbreaking, there’s no question that Jailbreaking makes them better, easier, more powerful, etc. Any iOS app that runs on a Jailbroken device is in a vulnerable state, where hackers can amplify and increase the magnitude of their attacks — all with less effort.

How to Protect iOS Apps against Jailbreaking

Appdome Jailbreak Prevention enables an iOS app to protect itself against Jailbreaking and Jailbreak Tools. You can use Appdome to build Jailbreak Prevention into any iOS app – without coding. When the Appdome-secured app detects that it’s running on a Jailbroken device the app will shut itself down (default behavior) after displaying a message to the mobile user. This protects that app, user, and mobile data from being compromised or attacked by a malicious actor using Jailbreaking. Optionally developers can use Appdome Threat Events to achieve different enforcement actions when Appdome detects if a Jailbreak event.  (ie: instead of shutting down the app, you can change the default enforcement behavior to be handled by the app’s internal event structure or by an external threat response system) using Threat Events.

3 Easy Steps to Add Jailbreak Prevention to an iOS app 

Please follow these 3 easy steps to add Jailbreak Prevention to any iOS app. 

  1. Upload an iOS App to Appdome’s no code security platform (.ipa)
  2. In the Build Tab, under Security, Select Jailbreak Prevention (shown below)
  3. Click Build My App

No code jailbreak prevention ios apps

  • (Optional) Customize the message given to the user when a rooted device is detected under App Compromise Notification
  • (Optional) Enable Threat Events to configure this security alert on your app.
  • (Optional) Add Jailbreak Prevention to a Managed App (ie: an app managed by UEM/EMM)

    Select the Build Tab, Beneath the Build Tab, you will find several service options. Select Management

    1. Click on the toggle to enable EMM Services
    2. Open the EMM Services drop-down list and choose your desired EMM service and configure it
    3. Open the Appdome Mobility Suite Scheme drop-down list
    4. Click the toggle next to Jailbreak Prevention by Appdome to enable the feature
    5. Customize the message given to the user when a rooted device is detected under App Compromise Notification (optional)
    6. Click Build My App

Congratulations! The app can now defend itself against Jailbreaking.

Prerequisites for Jailbreak Prevention

In order to use Appdome’s no code implementation of Jailbreak and Root Detection you’ll need:

How to Sign & Publish Secured Mobile Apps Built on Appdome  

After successfully securing your app using Appdome, there are several available options to complete your project, depending on your app lifecycle or workflow. These include 

Or, see this quick reference Releasing Secured Android & iOS Apps built on Appdome. 

How Do I Learn More?

Check out our related KB on Rooting Android.

Read this KB on Threat Events if you want to change the default enforcement behavior after a Jailbreak event has been detected by Appdome.

Check out the full menu of features in the Appdome Mobile Security Suite or request a demo at any time. 

If you have any questions, please send them our way at support@appdome.com or via the chat window on the Appdome platform.

Thank you!

Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.  

Paul Levasseur

Have a question?

Ask an expert

AlanMaking your security project a success!