Malware has stolen 225,000 Apple account logins from jailbroken iPhones

A newly discovered malware, named KeyRaider, has stolen over 225,000 Apple account logins, harvested from jailbroken iPhones. Users affected have had unauthorised purchases made using their Apple accounts; some have had their iPhones disabled for ransom.

According to Palo Alto Networks, which identified the malware together with WeipTech, KeyRaider is distributed through third-party Cydia repositories in China (Cydia is a third-party app that allows people to find and download apps onto jailbroken iPhones).

KeyRaider appears to have affected users from 18 countries, including China, France, Russia, Japan, the United Kingdom, the United States, Canada, Germany, Australia, Israel, Italy, Spain, Singapore, and South Korea.

Palo Alto Networks has found over 225,000 valid Apple accounts with passwords stored on a server. The data was uploaded to a website with a SQL-injection vulnerability, which made it possible for outsiders to access the records.

KeyRaider only affects jailbroken iOS devices. Palo Alto Networks has a list of steps (at the bottom of its post) to check whether your jailbroken device has been infected, and what to do if it has.

Source: Palo Alto Networks via Ars Technica.

