Malware causes largest known Apple account theft affecting 2,25,000 iOS users
The KeyRaider malware targets jailbroken iOS devices and steals usernames and passwords.

New Delhi: About 2,25,000 Apple accounts have been compromised in what is being called the largest known theft caused by malware.

Security researchers from Palo Alto Networks and China-based WeipTech have discovered the theft caused by variants of the KeyRaider iOS malware, which targets jailbroken iOS devices.

While most of the affected users are Chinese, the malware has also affected users in other countries, including European countries, the US, Australia, and South Korea.

The KeyRaider malware hooks system processes through MobileSubstrate, and steals Apple account usernames, passwords and device GUID by intercepting iTunes traffic on the device. It then steals Apple push notification service certificates and private keys, steals and shares App Store purchasing information, and disables local and remote unlocking functionalities on iPhones and iPads, Palo Alto researcher Claud Xiao explains.

A report on Net Security notes that the information is then stored on a C&C server and used by users of two jailbreak tweaks, iappstore and iappinbuy, to download apps from the App Store and perform in-app purchases for free.

The researchers further said that the jailbreak tweaks are being used by some 20,000 users and the author of the exploit, who goes by the online handle Mischa07, isn’t the only one that distributes it.

The KeyRaider malware can also hold iOS devices for ransom. However, one of the biggest threats is to the private data stored in users' iCloud accounts, including messages, photos, emails, etc., the exposure of which could lead to unimaginable consequences.

Apple has been informed of the matter and the company could soon release guidelines to fix the issue.
