Today, when I opened reddit/r/Jailbreak, a website I frequently use, I saw a lot of people complaining about some strange frauds that started to happen, according to what they reported, shortly after using the Chinese 25PP Jailbreak app for iOS 9.3.3.
Some people complain about PayPal accounts and credit cards being hijacked from China, others complain about Facebook accounts being accessed from China, Taiwan, India and so on, and others even see their Apple ID purchasing apps using their credit cards.
What all these people have in common, according to a list created on reddit, is that they got their PayPal / Western Union / credit card hacked from China, there were unapproved transactions of $50 or $200 to Chinese addresses, and they all say it started happening after jailbreaking.
A reddit/Jailbreak user has posted a screenshot in which his antivirus software found a virus called "Win32.Infostealer" in one of 25PP's DLL files located in Program Files. While this might be a false positive, it really poses a threat.
Pangu has posted the following message on their Twitter account:
"Neither we nor 25pp would be so stupid to make money by hacking users paypal account via jailbreak tool. We hope to find out the truth asap."
We know Pangu is a trustworthy company; they have released a lot of jailbreak tools in the past, but we don't really know very much about 25PP.
While 25PP might not have been involved in this wave of frauds, I still think: what if somebody found a vulnerability in 25PP's app and now exploits it and tries to make people blame Pangu and 25PP? Everything is possible.
We don't accuse Pangu or 25PP, but until the truth is discovered, I suggest you change your passwords, activate 2-step login and uninstall anything you see that has suspicious activity. For the moment, @saurik, the creator of Cydia, suggests you use the English Pangu version.