KeyRaider malware compromises more than 200,000 jailbroken Apple devices
KeyRaider - a new malware - has left more than 200,000 Apple accounts compromised after it stole random passwords of iOS devices that have been previously jailbroken. This heist has now been referred to as the biggest Apple account theft that was caused by malware.
"KeyRaider has successfully stolen over 225,000 valid Apple accounts and thousands of certificates, private keys, and purchasing receipts," said Claud Xiao of Palo Alto Networks Research Center. "The malware uploads stolen data to its command and control server, which, itself, contains vulnerabilities that expose user information."
Key information was obtained - in collaboration with China-based WeipTech - that there are roughly 92 samples of malware that could be held accountable for the attack.
According to the report, Xiao revealed to the public that the KeyRaider malware was being distributed through "third party Cydia repositories" that are based in China.
Unfortunately for Apple tech users, the malware reportedly has its sights set on devices with the iOS software - especially ones that have already been modified or jailbroken. To "jailbreak" an Apple device entails that the user - and the device - will no longer be protected by Apple. The Cupertino-based tech giant's security measures involve limiting the unit's owner from downloading just about anything, as pointed out by Tech Times.
Once the unit has been jailbroken, the user can start to download all desired apps, movies, among others, but will also become more exposed to different types of malware. This is the biggest reason why Apple has strongly advised their users to refrain from jailbreaking their devices to avoid compromising security.
Furthermore, the KeyRaider malware has reportedly already wreaked havoc in nearly 18 nations, including Japan, the United States, Germany, Russia, Australia, China, Italy, Spain, France, Singapore, Canada, South Korea and Israel. The malware works by deploying MobileSubstrate, which, in turn, hooks to the system process. Afterwards, account passwords will be hacked into and stolen.
Please contact reporter at feedback@ibtimes.com.au, or let us know what you think below.