SoylentNews is people

posted by cmn32480 on Tuesday September 01 2015, @04:22PM
from the malware-isn't-just-for-windows-anymore dept.

Credentials for more than 225,000 Apple accounts have been stolen by sophisticated malware that targets modified iOS devices, according to Palo Alto Networks.

The malware, which is nicknamed KeyRaider, enables attackers to download applications from Apple's App Store without paying or to lock devices and hold them for ransom.

"We believe this to be the largest known Apple account theft caused by malware," wrote Claud Xiao of Palo Alto Networks in a blog post.

Palo Alto Networks notified Apple of KeyRaider on Aug. 26 and provided the stolen account information, Xiao wrote. Apple officials in Sydney couldn't be immediately reached on Monday.

KeyRaider can infect only those who have "jailbroken" their Apple device. Jailbreaking removes Apple's protections that limit what apps can be installed on a device. Apple advises against jailbreaking for security reasons.

...

KeyRaider taps into system processes within Cydia, which is the application used for downloading apps for jailbroken phones. It steals Apple account usernames, passwords and a device's GUID by intercepting iTunes traffic, which it can then use to fraudulently download apps. The malware also collects certificates, private keys and purchase receipts.

In another style of attack, KeyRaider was used for at least one ransomware attempt. The malware can "locally disable any kind of unlocking operations, whether the correct passcode or password has been entered," Xiao wrote.


  • (Score: 1) by Gertlex (3966) on Wednesday September 02 2015, @12:03AM (#231036)

    One detail I failed to glean from the summary (or the comments) is how this 'malware' is spread to devices. Is it an app you have to install via Cydia? Bundled into other apps in Cydia? Jumping from the Safari browser onto iOS devices?

    But agreed, hooray otherwise informative summary! (though the capitalization of the i in iOS is incorrect, too)

  • (Score: 0) by Anonymous Coward on Friday September 04 2015, @09:52PM (#232433)

    I thought they were talking about Cisco routers.

    I tune in IOS and tune out iOS.

    The headline made no sense to me as a result, but they say that those weird networky types live on a higher plane of existence so maybe I just don't get what everyone else is thinking.