At the end of September 2019, an information security researcher known as axi0mX openly published an exploit for jailbreaking virtually any Apple device with A5 to A11 chips released between 2011 and 2017. The exploit is called Checkm8 and is very significant because it exploits a vulnerability in the bootrom; the author himself describes it as “permanent and unrecoverable”.
Researchers discovered the site checkrain(.)com, which exactly imitates checkra1n(.)com, the site on which a group of information security enthusiasts (including axi0mX himself) plans to publish the first user-friendly jailbreak tool based on Checkm8. Although that group has not yet released its tool, fraudsters are already taking advantage of the situation.
The fake site is used to distribute a .mobileconfig configuration file. When installed on the victim’s device, this file adds a shortcut to the user's screen. Tapping the shortcut launches a headless browser (a browser without user interface elements) that loads a page from the scam site, so the page appears to be a native application.
Under this pretext, victims are offered several different games to install, all of which are legitimate applications actually hosted on the iOS App Store. That is, this fraudulent scheme is not used to distribute malware; instead it earns money both for the operators of the fake site and for their partners, who develop these games and buy such "advertising" for themselves.
Researchers note that to any reasonably savvy user all of this will look like complete nonsense, but scammers usually prey on users who do not have technical knowledge.
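A home-screen shortcut installed by a .mobileconfig file, as described above, corresponds to Apple's Web Clip payload (`com.apple.webClip.managed`, with the `URL`, `Label`, `FullScreen` and `IsRemovable` keys). The following triage script is an added example, not code from the researchers or the article; the `allowed_hosts` parameter, the function names and the sample profile (including its hostname) are constructed for illustration.

```python
import plistlib
from urllib.parse import urlparse

WEBCLIP_TYPE = "com.apple.webClip.managed"  # Apple's Web Clip payload type

def load_profile(raw: bytes) -> dict:
    """Parse a .mobileconfig. Signed profiles wrap the XML plist in a CMS
    envelope, so carve the plist out by its markers (best effort)."""
    start, end = raw.find(b"<?xml"), raw.rfind(b"</plist>")
    if start == -1 or end == -1:
        raise ValueError("no XML plist found in profile")
    return plistlib.loads(raw[start:end + len(b"</plist>")])

def webclip_findings(raw: bytes, allowed_hosts=frozenset()) -> list:
    """Return one finding per Web Clip payload whose URL host is not allowlisted."""
    findings = []
    for payload in load_profile(raw).get("PayloadContent", []):
        if not isinstance(payload, dict) or payload.get("PayloadType") != WEBCLIP_TYPE:
            continue
        host = (urlparse(str(payload.get("URL", ""))).hostname or "").lower()
        if host in allowed_hosts:
            continue
        findings.append({
            "label": payload.get("Label"),
            "host": host,
            # FullScreen hides the browser UI, so the page looks like an app
            "full_screen": bool(payload.get("FullScreen", False)),
            "removable": bool(payload.get("IsRemovable", True)),
        })
    return findings

# Constructed sample profile (not taken from the fake site)
SAMPLE = plistlib.dumps({
    "PayloadType": "Configuration",
    "PayloadVersion": 1,
    "PayloadIdentifier": "example.constructed.profile",
    "PayloadUUID": "00000000-0000-0000-0000-000000000001",
    "PayloadContent": [{
        "PayloadType": WEBCLIP_TYPE,
        "PayloadVersion": 1,
        "PayloadIdentifier": "example.constructed.webclip",
        "PayloadUUID": "00000000-0000-0000-0000-000000000002",
        "Label": "Sample App",
        "URL": "https://webclip.example.invalid/start",
        "FullScreen": True,
    }],
})

if __name__ == "__main__":
    for finding in webclip_findings(SAMPLE):
        print(finding)
```

A full-screen Web Clip pointing at a host outside the organisation's allowlist is the pattern worth flagging before a profile is approved for installation.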