A recent discovery by a Chinese technical group named WeipTech uncovered more than 225,000 legitimate Apple accounts stored on a remote server. This server contained all the information necessary to gain access to Apple accounts, including full usernames and passwords.
WeipTech received help from Palo Alto Networks in accessing and analyzing the server. Palo Alto Networks states on its blog “…we believe this to be the largest known Apple account theft caused by malware.”
Together, the teams found 92 samples of new malware for iOS. After analyzing these samples they came up with the malware family name of “KeyRaider”.
The malware’s harmful reach is extensive, crossing continents. Known affected countries include China, France, Russia, Japan, United Kingdom, United States, Canada, Germany, Australia, Israel, Italy, Spain, Singapore, and South Korea.
Luckily, the malware only affects iPhone users who have chosen to Jailbreak their device. Jailbreaking allows an iPhone owner to gain access to the hidden security and file systems within iOS. Jailbreaking your iPhone can bring many new possibilities to the iPhone’s operating system. Most of these opportunities are great; however, others can be malicious.
If you haven’t Jailbroken your iPhone, you are safe from KeyRaider.
Palo Alto Networks goes on to explain how KeyRaider infects a Jailbroken device.
“The malware hooks system processes through MobileSubstrate, and steals Apple account usernames, passwords and device GUID by intercepting iTunes traffic on the device. KeyRaider steals Apple push notification service certificates and private keys, steals and shares App Store purchasing information, and disables local and remote unlocking functionalities on iPhones and iPads.”
According to CNN Money, the malware “also steals all the information about the owner’s App Store purchases and prevents people from recovering their phones once they’ve been hijacked.”
It is alleged that some phones have been locked and virtually held for ransom.
Jailbreaking has become a relatively common customization technique for iPhone users, allowing them to use apps and tweak features that were never possible before. While this iOS “freedom” can be tempting, it is important to weigh the risks associated with Jailbreaking a device. Jailbreaking your device will shut down special security features Apple has in place to protect you from hacks like KeyRaider.
We strongly advise others not to Jailbreak their iPhones; however, if you would like to learn more about Jailbreaking, click here.