Hackers steal over 250,000 Apple accounts from jailbroken devices

4.6
Dubbed the largest theft of its kind, security research firm Palo Alto Networks has outlined a new type of iOS malware that it's calling KeyRaider, which the company claims has facilitated hackers in claiming over 250,000 devices and their respective Apple accounts already.

The exploit, which is exclusively aimed at jailbroken devices, worms its way onto your device through Cydia, the popular third party app store for jailbroken devices. Once its found it way on your device, it can not only uncover your password but also intercept data. Palo Alto Networks explained the operation of the exploit as follows:

KeyRaider steals Apple push notification service certificates and private keys, steals and shares App Store purchasing information, and disables local and remote unlocking functionalities on iPhones and iPads.

Since it hampers your ability to unlock the device, it serves as the perfect means of extorting users for a ransom to continue operation of their device. It doesn't stop there: it can also download and buy apps without your permission if you refuse to pay the ransom, the hacker could simply charge hefty amounts of app charges to your credit card out of spite, adding to the already massive headache anyone affected will probably have by now.

The only silver lining in this case is that the exploit can only affect jailbroken devices, serving as another stark reminder of the perils of fooling around with the root access to your device.

Posted:
Related Forum: Mobile Devices

Source: http://www.neowin.net/news/hackers-steal-over-250000-apple-accounts-from-jailbroken-devices

Comments

"Hackers steal over 250,000 Apple accounts from jailbroken devices" :: Login/Create an Account :: 70 comments

If you would like to post a comment please signin to your account or register for an account.

EverPosted:

Polygon Apple 10/10 security.
Seems like they need to step it up - iCloud, now whole accounts?


But we are talking about jailbroken accounts.

OXTPosted:

Be safe and only download trusted apps.

FibrilPosted:

SpoofyLobbys Maybe Apple HIRED someone to do this.. to teach everyone a lesson..


Oh probably, though you wouldn't find anything to lead back to them. Multi million dollar company wouldn't leave a bread trail haha.

AcedPosted:

Didnt icloud get hacked before too.. Looks like apple needs better security

Joyful-Posted:

Polygon Apple 10/10 security.
Seems like they need to step it up - iCloud, now whole accounts?


Yeah , man, apple is getting sketchy, lol. Real sketchy.

PolygonPosted:

Apple 10/10 security.
Seems like they need to step it up - iCloud, now whole accounts?

315Posted:

And this is why Jailbreaking your device is just to sketchy. Glad my iPhone isn't jailbroken any longer

EverPosted:

I have always thought about Jailbreaking my phone, but a little hesitant because I have my card on my iOS account.

newtonballs26Posted:

I have a jailbroken iPhone but I don't care because I don't have a credit card on there or any payment type. On top of that if they want to get into my social media I mean I doubt it because they probably just want to see if they can get into money.

StrokesPosted:

Maybe Apple HIRED someone to do this.. to teach everyone a lesson..