Hackers steal over 250,000 Apple accounts from jailbroken devices

4.6
Dubbed the largest theft of its kind, security research firm Palo Alto Networks has outlined a new type of iOS malware that it's calling KeyRaider, which the company claims has facilitated hackers in claiming over 250,000 devices and their respective Apple accounts already.

The exploit, which is exclusively aimed at jailbroken devices, worms its way onto your device through Cydia, the popular third party app store for jailbroken devices. Once its found it way on your device, it can not only uncover your password but also intercept data. Palo Alto Networks explained the operation of the exploit as follows:

KeyRaider steals Apple push notification service certificates and private keys, steals and shares App Store purchasing information, and disables local and remote unlocking functionalities on iPhones and iPads.

Since it hampers your ability to unlock the device, it serves as the perfect means of extorting users for a ransom to continue operation of their device. It doesn't stop there: it can also download and buy apps without your permission if you refuse to pay the ransom, the hacker could simply charge hefty amounts of app charges to your credit card out of spite, adding to the already massive headache anyone affected will probably have by now.

The only silver lining in this case is that the exploit can only affect jailbroken devices, serving as another stark reminder of the perils of fooling around with the root access to your device.

Posted:
Related Forum: Mobile Devices

Source: http://www.neowin.net/news/hackers-steal-over-250000-apple-accounts-from-jailbroken-devices

Comments

"Hackers steal over 250,000 Apple accounts from jailbroken devices" :: Login/Create an Account :: 70 comments

If you would like to post a comment please signin to your account or register for an account.

FibrilPosted:

LPD So is this only if I've installed a certain tweak or can it just get on my iPad I mean I don't buy or use many passwords on my iPad do this doesn't bother me that much and I suppose it's pretty impressive


It was a few tweaks people had to install from a Chinese repo. One tweak was to make in app purchases free and another to download any app from AppStore or something like that.

RipPosted:

-urzx
DasBesteOderNichts Wow, the security they have is shit, first iCloud now this


Your comment is so retarded I had to sign in to respond.

It's for jail broken devices only!! Did you even read the article?!? Apple doesn't promote jail breaking there devices because of things like this! People post the dumbest things on here just to get there post count up. Smdh....
OMG haha. Lucky I never jailbroke my phone before.

Toasty-Posted:

Wouldn't really say they got 'hacked'. It was phished.

LPDPosted:

So is this only if I've installed a certain tweak or can it just get on my iPad I mean I don't buy or use many passwords on my iPad do this doesn't bother me that much and I suppose it's pretty impressive

Index_AddictPosted:

oddly enough this is the first im hearing of this

SpeedomPosted:

Wow, the security they have is shit, first iCloud now this

XBL-ABPosted:

gtapro151 hhaah im gonnna start it.....appls cant get virus apple cant get virus :DDDDD


you're clearly uneducated...
Macs get viruses too. Just not as common because only idiots use macs. Macs are only good for deleting and documents.

TiffxnyPosted:

wow this is nuts, i had a jailbroken ipod back in the day, when my battery was dying the notification would say BATTERY LOW
3873289752% LEFT or some big ass number lol

JM-Posted:

Wow I'm glad I reset my iphone and got rid of my jailbreak last month..

gtapro151Posted:

Tree_Fiddy
gtapro151 hhaah im gonnna start it.....appls cant get virus apple cant get virus :DDDDD


They can't? There are no viruses on the current IOS version for phones/tablets


they "can't?" none bothers making them because 1% of the world uses macs rather then pc's. but if they wanted as proved by this topic they can steal data from whoever they want.