Cyber Incident Victim: BigBoss
Date: Jul 2014
Location: United States of America
Summary
A major Cydia repository for jailbreak tweaks was compromised by hackers identifying as "Kim Jong-Cracks," resulting in the theft of all paid and free software packages. The attackers created a rival site named ripBigBoss hosting the stolen content for free, while promoting hashtags linked to a purported ideological motivation tied to Cydia's creator. Although the hackers claimed to inject malware into the packages, cryptographic verification mechanisms indicated no unauthorized modifications to the original repository's content. The incident prompted advisories against using the pirated repository due to potential security risks.
Description
In July 2014, the BigBoss repository—a default source for jailbreak tweaks on Cydia serving jailbroken iOS devices like iPhones, iPads, and iPod Touches—was compromised by hackers identifying as "Kim Jong-Cracks." The attackers exfiltrated all 13,954 packages from the repository, encompassing both paid and free software tweaks. They established a competing site named "ripBigBoss," hosting the stolen packages without charge and providing downloadable evidence of the breach, including the repository’s deb index and database containing package names and MD5 checksums. The group cited the "Competition vs Community" commentary by Saurik (Cydia creator Jay Freeman) as motivation for their actions, while promoting the hashtags #WhichSideAreYouOn and #SupportTheCompettition. Kim Jong-Cracks asserted they had injected malware into the redistributed packages, though no technical evidence corroborated this claim at the time of reporting.

Saurik publicly disputed the malware assertion, clarifying that Cydia repositories cryptographically verify packages against repository indices, with no unauthorized changes detected in BigBoss’s historical package data. Despite this assurance, security advisories urged users to avoid installing or updating tweaks from the official BigBoss repository pending further investigation. ripBigBoss was explicitly flagged as a risk due to potential malware in pirated packages. The incident disrupted trust in a primary distribution channel for jailbreak utilities, exposing paid developers to revenue loss from pirated redistributions while creating uncertainty around repository integrity verification mechanisms. No containment measures by BigBoss or Cydia administrators were detailed in available reports.
