Malware has stolen 225,000 Apple account logins from jailbroken iPhones

By Alvin Soon - on 1 Sep 2015, 11:00am

A ransom message on an iPhone locked by KeyRaider. The text tells the victim to contact a number via QQ (a chat app) to unlock the phone. Image source: Palo Alto Networks.

Newly discovered malware named KeyRaider has stolen over 225,000 Apple account logins, harvested from jailbroken iPhones. Affected users have had unauthorised purchases made using their Apple accounts; some have had their iPhones disabled for ransom.

According to Palo Alto Networks, which identified the malware together with WeipTech, KeyRaider is distributed through third-party Cydia repositories in China (Cydia is a third-party app that allows people to find and download apps onto jailbroken iPhones).

KeyRaider appears to have affected users from 18 countries including China, France, Russia, Japan, United Kingdom, United States, Canada, Germany, Australia, Israel, Italy, Spain, Singapore, and South Korea.

Palo Alto Networks has found over 225,000 valid Apple accounts with passwords stored on a server. The data was uploaded to a website with a SQL-injection vulnerability which made it possible for outsiders to access the records.

KeyRaider only affects jailbroken iOS devices. Palo Alto Networks has published a list of steps, at the bottom of its post, for checking whether your jailbroken device has been infected and what to do if it is.

Source: Palo Alto Networks via Ars Technica.
