KeyRaider Malware Responsible For Possibly Largest Known Apple Account Theft To Date, Affecting 225,000 Users

Jailbreaking your iPhone has its downsides. In what’s being called the “largest known Apple account theft caused by malware,” security specialists Palo Alto Networks on Sunday released a report detailing a new form of iOS malware it’s calling “KeyRaider,” which is responsible for stealing the account information from over 225,000 Apple customers. The malware targets those with hacked – aka “jailbroken” – iOS devices, so is not a significant threat to the millions of Apple account holders who have not made modifications to their device’s software.

Jailbreaking, for those unfamiliar with the term, is an activity that was more common in previous years as it allowed Apple device owners to install otherwise unapproved apps and tweaks on their iOS devices.

Many of these jailbroken apps allowed users to personalize their iPhone with things like themes, widgets, launchers, different user interfaces and more. However, the activity has declined in popularity as Apple began to address some of the reasons users jailbroke their phones in the first place by adding officially approved customization options like Today widgets, dynamic wallpapers, improved multitasking experiences, custom keyboards, and more.

READ MORE

Pre-installed keyboard leaves 600 million Samsung smartphones vulnerable to hackers

The issue is with the preinstalled SwiftKey keyboard which looks for language pack updates over an unencrypted line. A hacker could create a spoof proxy server and send a fake update to the device with malicious code. The hacker could then exploit the device by eavesdropping on incoming and outgoing messages or voice calls, access personal data such as pictures or text messages, tamper with apps, and even install other malicious apps.

READ MORE