KeyRaider malware stole data from over 225,000 Apple accounts
It has been reported in the past few days that an iOS malware family named KeyRaider has stolen over 225,000 Apple ID logins and passwords. This is considered one of the biggest malware-caused security compromises in Apple's history.
KeyRaider usually enters the device through apps from Cydia, a third-party repository that sells itself as an App Store alternative. Once a device is infected, the malware not only steals the user's Apple account details but also allows unauthorized transactions using the victim's account. The malware can also lock some of the phones and ask their owners for ransom. The malicious software is now creating huge problems for Apple users in China and about 17 more countries. Among the countries reported to have affected users are the United States, France, Canada, Spain, Singapore, Russia, Israel, Italy, Japan, United Kingdom, Germany, Australia, and South Korea.
The Chinese iPhone community WeipTech, together with Palo Alto Networks, worked to find out what happened. According to a blog post by Palo Alto Networks researchers on their website, jailbroken iPhones were the target of the attack. "The purpose of this attack was to make it possible for users of two iOS jailbreak tweaks to download applications from the official App Store and make in-app purchases without actually paying. Jailbreak tweaks are software packages that allow users to perform actions that aren't typically possible on iOS," they added.
The discovery of the KeyRaider malware is a reminder to everyone of the risk of having a jailbroken iPhone or iPad. Security experts strongly discourage jailbreaking, even when it is done by highly experienced technicians. All affected users are advised to change their password immediately after removing the malware and to enable two-factor verification for their Apple ID.