Over 225,000 Apple Accounts Compromised Via iOS Malware

An anonymous reader writes: Researchers from Palo Alto Networks and WeipTech have unearthed a scheme that resulted in the largest known Apple account theft caused by malware. All in all, some 225,000 valid Apple accounts have been compromised. The theft is executed via variants of the KeyRaider iOS malware, which targets jailbroken iOS devices. Most of the victims are Chinese — the malware is distributed through third-party Cydia repositories in China — but users in other countries have also been affected (European countries, the U.S., Australia, South Korea, and so on). "The malware hooks system processes through MobileSubstrate, and steals Apple account usernames, passwords and device GUID by intercepting iTunes traffic on the device," Palo Alto researcher Claud Xiao explained. "KeyRaider steals Apple push notification service certificates and private keys, steals and shares App Store purchasing information, and disables local and remote unlocking functionalities on iPhones and iPads."

Jail broken devices?

Only jail broken devices were affected. Anyone who jail breaks is aware of the risk they are taking.

Re:Rotten apple ?!?

Affect only jail-broken devices. How is the even relevant news?

Re:Headline leaves out one very important detail

[dimeglio]

Pretty much. That's the point of living in a walled garden. You break the wall, who knows what's going to step inside.

Re:Headline leaves out one very important detail

So, if I run OpenBSD, but replace OpenSSH with Bob'sSSH, and there is a security problem with Bob'sSSH, it's OpenBSD's fault?

Re:Rotten apple ?!?

I'd argue that it's relevant news but I would also say that people who are employing hacks on their devices should realize that the original vendor can't be held accountable for shoddy modifications from a bunch of script kiddies.