KeyRaider Malware Responsible For Possibly Largest Known Apple Account Theft To Date, Affecting 225,000 Users

Jailbreaking your iPhone has its downsides. In what’s being called the “largest known Apple account theft caused by malware,” security specialists Palo Alto Networks on Sunday released a report detailing a new form of iOS malware it’s calling “KeyRaider,” which is responsible for stealing the account information from over 225,000 Apple customers. The malware targets those with hacked – aka “jailbroken” – iOS devices, so is not a significant threat to the millions of Apple account holders who have not made modifications to their device’s software.

Jailbreaking, for those unfamiliar with the term, is an activity that was more common in previous years as it allowed Apple device owners to install otherwise unapproved apps and tweaks on their iOS devices.

Many of these jailbroken apps allowed users to personalize their iPhone with things like themes, widgets, launchers, different user interfaces and more. However, the activity has declined in popularity as Apple began to address some of the reasons users jailbroke their phones in the first place by adding officially approved customization options like Today widgets, dynamic wallpapers, improved multitasking experiences, custom keyboards, and more.


Cyber-thieves can reap returns of almost 1,500% when they invest in ransomware

A look at how much cash typical cybercriminals spend and what their potential profits might be: one estimate put the cost of buying a ransomware kit at $5,900 (£3,860), with a potential return of up to $90,000 in one month of operation. Experts said people should take precautions and avoid paying up if they get hit.

Ransomware involves a malicious program infecting a machine, scrambling key files and then demanding the machine’s owner pay cash before the data is unscrambled. According to a report from Intel-owned security firm McAfee Labs, high-tech extortion schemes nearly doubled in the first three months of 2015.


Kaspersky: Internet of Things means Internet of Threats

The way Eugene Kaspersky sees it, there may soon come a day when you wake up and your coffeemaker refuses to brew anything – or worse, will only brew decaf – until you pay up on the ransomware that has infected it.

Kaspersky, CEO of Kaspersky Lab, told some of the company’s top partners at its annual North American Partner Conference here this weekend that he believes IoT stands not only for “Internet of Things,” but also for “Internet of Threats.”


Antivirus tools miss almost 70 percent of malware within the first hour

Within the first hour of submission, AV products missed nearly 70 percent of malware. Further, when rescanned to identify malware signatures, only 66 percent were identified after 24 hours, and after seven days the total was 72 percent. It took more than six months for AV products to create signatures for 100 percent of new malicious files….


The Challenge of Preventing Browser-Borne Malware

“We surveyed 645 IT and IT security practitioners who are familiar and involved in their company’s efforts to detect and contain malware. Survey participants were from U.S. businesses with an average of more than 14,000 employees.

All of the organizations represented in this research have built a multilayer defense-in-depth architecture in an effort to prevent these types of attacks.

Despite having such technologies in place, over the past 12 months, these organizations experienced an average of 51 security breaches because of a failure in malware detection….”