Slashdot Mirror


Over 225,000 Apple Accounts Compromised Via iOS Malware

An anonymous reader writes: Researchers from Palo Alto Networks and WeipTech have unearthed a scheme that resulted in the largest known Apple account theft caused by malware. All in all, some 225,000 valid Apple accounts have been compromised. The theft is executed via variants of the KeyRaider iOS malware, which targets jailbroken iOS devices. Most of the victims are Chinese — the malware is distributed through third-party Cydia repositories in China — but users in other countries have also been affected (European countries, the U.S., Australia, South Korea, and so on). "The malware hooks system processes through MobileSubstrate, and steals Apple account usernames, passwords and device GUID by intercepting iTunes traffic on the device," Palo Alto researcher Claud Xiao explained. "KeyRaider steals Apple push notification service certificates and private keys, steals and shares App Store purchasing information, and disables local and remote unlocking functionalities on iPhones and iPads."

2 of 217 comments (clear)

  1. Perhaps if Apple devices weren't so locked down.. by fluffernutter · · Score: -1, Flamebait

    Less people would feel the need to jailbreak them thus making them totally vulnerable. Let's keep in mind that most of the Apple walled garden is to force people to use Apple services and pay for Apple products and nothing to do with security.

    --
    Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
  2. Re:Headline leaves out one very important detail by drinkypoo · · Score: -1, Flamebait

    That's hard for you to understand?

    You agree with me, then suggest that I had a hard time understanding what I said? Logic is not your strong point, is it?

    You expect the lock maker to be liable if you leave your door open?

    I expect to be able to go in and out of my door. That's what doors are for. Apple doesn't even give you a door. You have to break your way through the wall. Then there's a hole there. That's why Apple products are only sufficient for sheep. They don't break down walls, they just wander through holes.

    I can't wait for the first PC malware that jailbreaks iOS devices "for you" so that they can be infected. That's going to be hilarious. It'll probably only work for phones without a security code. I wonder what percentage of them that is.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"