Malware for jailbroken iOS devices steal Apple IDs from 225,000 people

Another data theft involving Apple was reported over the weekend where some 225,000 Apple account login data were stolen.

The attacks originated from a malware of a family known as KeyRaider. It was distributed widely through an alternative App Store website known as Cydia in China.

The malware is infecting only the jailbroken iPhone as reported by Palo Alto Networks. According to the firm there are 92 other iOS malware currently in the market that needs to be taken down.

The firm also stated that the malware, which download origin comes from China had affected up to 18 other countries including United States, United Kingdom, Japan and Canada. However, the report said most of the data stolen are from users in China.

Jailbreaking is an activity allowing the iPhone users to use unauthorized apps and make some changes in their operating system.

The attack by KeyRaider is reported to be almost similar with a previously reported case such as 'Unflod' and 'AppBuyer'.

However, KeyRaider takes the game up a notch when it also steals private key used by Apple where the stolen data was used by the attacker to make changes in the user's iPhone.

Among the data that can be access from the stolen Apple passwords are emails, messages and pictures.

According to Forbes, the attackers using this malware also have been reported to blackmail some of their victims. It was reported that the attacker is asking for a payment from their victim in order for them to get control of their iPhone back.

The attacker also had been reported to make purchase using the victim's account causing them to be charged with high purchasing fee.

Besides using it as extortion, the attackers also had made a tweak version of the malware and it is available to be downloaded. This tweak enable the downloader to use the stolen account to make a purchase in Apple App Store without paying. To this date, a total of 20, 000 download of the tweak had been performed.

Although the attack did not affect lots of users considering that Apple have around 885 million iTunes account which means that the majority of the users are not affected. Apple still need to combat the cyber security problem seeing that their market demand in China is growing.

As for now both Paolo Alto Network and WeipTech are offering a service to detect the malware in user's iPhone. Both firms agree that the latest attack is conforming that there need to be a better cyber security action used by Apple as the attack marks itself as one of the largest account theft caused by a malware.


Real Time Analytics