KeyRaider malware steals data from jailbroken iOS devices
According to the well-known security research company Palo Alto Networks, a new and sophisticated piece of malware known as KeyRaider is responsible for the theft of over 225,000 Apple accounts. The attack has targeted only jailbroken iOS devices, so if you haven't been tampering with your iPad's or iPhone's operating system, you should be safe. In a recent blog post, Claud Xiao (Senior Security Researcher at Palo Alto) stated: “We believe this to be the largest known Apple account theft caused by malware.”
When you jailbreak an iOS phone or tablet, you remove Apple's protections governing which apps can be installed on the device, and this is exactly the vulnerability that KeyRaider exploits. Once it infects a device, the malware allows the attacker to download apps from Apple's App Store or to simply lock the device and demand a ransom to unlock it. According to the blog post, Palo Alto collaborated with an amateur tech group named WeipTech, which was the first to detect the attack. The current analysis indicates that KeyRaider was spread by being incorporated into jailbreak tweaks or apps designed to provide new functions for jailbroken iOS devices. At this point, the main suspect is a user nicknamed "mischa07", whose name was encoded into the malware as the encryption and decryption key.
According to Mr. Xiao, the security company notified Apple about the KeyRaider issue on August 26 and also provided the stolen account information. As of this writing, there has been no official response from the IT giant's representatives. For more details, see the original blog post on Palo Alto Networks' website.