Bug #22301
[External Audit Findings][iOS] No Jailbreak Detection
| Status: | Closed | Start date: | 29 July 2025 | |
|---|---|---|---|---|
| Priority: | Low | Due date: | ||
| Assignee: | yap chekying | % Done: | 100% | |
| Category: | - | Spent time: | - | |
| Target version: | - |
Description
Issue:
Jailbreaking is the process of gaining administrative or privileged access to the iOS OS. Without jailbreak detection, attackers may access sensitive information from the app running on the device.
Recommendation from pentester:
Developers must detect whether the application is running on a jailbroken device.
Please refer to attached excel for details.
History
#1 Updated by He Xi Yeo about 1 month ago
- File 522583256_743120614740940_2149297946710618408_n.jpg added
- Status changed from New to Assigned
- Assignee changed from He Xi Yeo to yap chekying
- % Done changed from 0 to 100
Added more rigid jailbreak detection.
#2 Updated by yap chekying about 1 month ago
- File RE OCBC Business Mobile app Audit Findings - July 2025.msg added
- Status changed from Assigned to Pending UAT
#3 Updated by yap chekying about 1 month ago
- Status changed from Pending UAT to Pending PROD
#4 Updated by yap chekying about 1 month ago
Need to add the appcamo framework into the source code in next release.
Integrated AppCamo and conducted testing on a jailbroken device in both debug and distribution modes. However, in both scenarios, jailbreak detection was unsuccessful. Therefore, need to have discussion session with the AppCamo vendor to further investigate this issue.
In the meantime, implemented jailbreak detection method for iOS, which has proven effective—test device was able to detect jailbreak access successfully. This method has already been included in the latest TestFlight build, so will release in this release first
#5 Updated by yap chekying 13 days ago
- Status changed from Pending PROD to Closed
Released to production