Apple jailbreak malware jeopardizing iPhone security; over a quarter million Apple accounts stolen

0

Numerous iPhone users manipulate Apple’s security settings, leaving their devices to work overseas or run applications not approved by Apple. Commonly known as “jail breaking,” the process leaves iPhones at higher risk to hackers.

Researchers from Cybersecurity company Palo Alto Networks and Chinese technical group WeipTech have discovered the largest known Apple account theft. Over 225,000 Apple Accounts have been recently stolen through malware. The theft is executed through an iOS malware the company dubbed as “KeyRider,” targeting jailbroken iOS devices.

Cydia is a software application for iOS that allows users to have control over their devices and run software packages on jailbroken Apple handsets.”KeyRider” is scattered through Cydia repositories in China, thus the majority of the victims of the compromised accounts are Chinese. However, users in France, Russia, Japan, the United Kingdom, United States, Canada, Germany, Australia, Israel, Italy, Spain, Singapore, and South Korea were also affected.

The Cydia software also offers other downloadable functionalities that give users the freedom to customize system fonts and gain access to better Chinese language input. It can also allow users to easily save photos on an Instagram feed.

According to Palo Neto’s company website, “The malware steals Apple account usernames, passwords and device GUID by intercepting iTunes traffic on the device. KeyRaider steals Apple push notification service certificates and private keys, steals and shares App Store purchasing information, and disables local and remote unlocking functionalities on iPhones and iPads.”

An estimated 20,000 hijackers were found to use the stolen information to download applications and conduct false purchases within them. Victims have reported suspicious activities in their application purchasing history.

Apple spokesperson Ryan James warned users that jailbreaking tools will increase their iPhones’ exposure to hackers.

“To protect our users from malware, we curate App Store content and ensure all apps in the App Store adhere to our developer guidelines,” noted James. “This issue only impacts those who not only have jailbroken devices, but have also downloaded malware from untrusted sources.”

Meanwhile, Gang Lu, a Chinese blogger for Tech Node, appeals to Apple in defense of why jailbreaking iPhones is especially prominent in China, suggesting the improvements necessary for Apple devices catering to Chinese users.

“Seriously, it’s not just about the free-download of the pirate apps,” explains Lu. “In China, we do need jailbreaking [because] connection with Apple’s App Store is stupidly slow.”

Lu also adds, “The default Chinese input method is difficult to use. I just hate to use iOS’s default input method for Chinese. Switching between Chinese and English is so user un-friendly, the number of Chinese vocabulary is also very limited.”