BigBoss repository, one of the biggest repositories for jailbreak tweaks in Cydia, has been reportedly hacked.
A reddit post reveals that the BigBoss repository is hacked by either an individual or by a group of people. The hackers have made a repository available with all BigBoss apps for free. Below is the post on Reddit suggesting BigBoss repository hack.
The other post more than likely broke rule 1 because it linked the site directly. To anyone that didn't see the post the BigBoss repo was (supposedly) hacked by either an individual or group of people and they have a repo out there with all of BigBoss's packages (paid and free). Their proof.log shows that they have the original MD5 sums."
Known as Kim Jong-Cracks, the hackers have named their site as ripBigBoss and have access to all packages, containing all paid and free, which are available in the BigBoss repository. Besides, they made the deb index and BigBoss database available for download.
The ripBigBoss created by hackers uses Saurik's recent "Competition vs Community" as their motivation. Additionally, they are promoting the use of #WhichSideAreYouOn and #SupportTheCompettition hashtags.
Those who have jailbroken their iOS devices are advised not to install or download any tweaks from ripBigBoss repo. Also, downloading such pirated tweaks on the iOS device might increase the risk of installing malware.
Users are also recommended not to install or update any jailbreak tweak from the BigBoss repo. Meanwhile, Jay Freeman commonly known as saurik, the creator of Cydia, WinterBoard and Mobile Substrate has confirmed to iDownloadblog that the injection of malware into the BigBoss repo is unlikely as the packages in Cydia repositories are verified from the repository package index.
This article mentions malware being potentially injected into the BigBoss repository; we do not believe this to be the case. Packages in Cydia repositories are cryptographically verified from the repository package index. I have an index of all historic changes to the package indices for default repositories, and have verified that the content on BigBoss did not change in ways that the repository administrators did not expect," explains Saurik.