
Malware infections are quite common on Microsoft Windows, and to an extent on mobile phones as well. Malware, however, is virtually unheard of on Apple devices. Wired has reported that 225,000 iOS users have been compromised—mostly Chinese iPhones—by a piece of malware called KeyRaider. The malware steals iOS users’ iTunes login credentials, and is embedded in code that tweaks the iPhone’s operating system. Tweaking a mobile operating system is a process known as jailbreaking.

The victims have jailbroken their phones to download apps not approved by the App Store, which is a risky practice in itself, but is common outside the United States. Palo Alto Networks, a security firm, called it “the largest known Apple account theft caused by malware.” Fortunately, the culprits didn’t cover their tracks entirely, and WeipTech, a Chinese amateur technical group composed of users from Apple fan website Weiphone, was able to access KeyRaider’s database of stolen credentials. Half of the victims use qq.com, a popular Chinese service. Other victims used sina.com, 163.com and 139.com, and even American domains such as hotmail.com.

Is Apple’s ecosystem in trouble as a result? Since the infection only spreads through jailbroken devices, the chances of it reaching the typical iPhone user are practically zero. “The average iPhone user hasn’t jailbroken their phone,” said Ryan Olson, a researcher at Palo Alto Networks. “If you’ve jailbroken your phone, you should worry about KeyRaider and a lot of other threats like it,” he continued, warning against the risks of jailbreaking your device.

While KeyRaider originated in China, CNN has reported that the malware has spread to jailbroken iPhones in 18 countries, including the United States. The hackers have also uploaded software to allow people to purchase iTunes apps for free using victims’ accounts. In some cases, the hackers have even held iPhones for ransom, locking the devices and only freeing them in exchange for money. The malware can even lead to greater consequences for those who frequently use mobile wallet apps such as Apple Pay, because it is also capable of accessing your phone ID and security certificates.

Forbes reported that WeipTech members began to look for the jailbreak tweak that caused the malware infection, and found that the code used AES encryption, a standard so secure that even the United States government uses it. Its weakness, however, is brute-force attacks, which strong passwords defend against. Because people using poor passwords have been hacked as a result, many websites now require passwords to include uppercase and lowercase letters, and some even require numbers and symbols.

While jailbreaking may offer tech-savvy users the ability to customize iPhones to their liking and install apps not available on the App Store, it also leaves the devices wide open to attack by hackers, because it bypasses important barriers Apple puts in place to protect its ecosystem. “Users need to consider carefully if the additional functionality is worth the additional risk,” said Nicko Van Someren, Chief Technology Officer (CTO) at Good Technology, a mobile security company.
