High-profile hackings of 2015: myRepoSpace

In Information Security ByTeam Acumin / 25th October 2015

Popular Cydia repository myRepoSpace is used by thousands of people around the world to install apps on to jailbroken Apple devices, such as iPhones and iPads.

What happened?

In July 2015, the myRepoSpace website was hacked and the user data obtained during the attack was publically dumped.

How many records were accessed?

It is believed that over 250,000 user accounts were caught up in the hack. Details that were publically dumped include user email addresses, passwords, IP addresses and usernames.

How it happened

Users who logged on to the website were unable to access their accounts, receiving error messages each time that they attempted to do so.

Little is known about how this high-profile hack was carried out, but it believed that Twitter users @its_not_herpes and 0x8badfl00d were responsible for the data breach in retaliation against the service, which would not agree to remove pirated tweaks from the repository site.

What’s happened since?

Not long after the attacks were published, an individual going by the name of Kim Jong-Hacks was riling Twitter users by claiming that he was able to hack the leaked passwords.

There is still very little information regarding this hack, but there have been rumblings that the site’s security was extremely lax and that many users had gotten in touch with them about it before the hack too place. The site is still up and operating at the present time.

It has also led many people to question the need for hosted public repositories, when most people could make their own and diminish the risk of having their data stolen.

Many previous users switched over to using Github as a repository after the hack, as it was widely recommended by online peers as being a more secure alternative to myRepoSpace.