Why You Shouldn’t Panic About Your iPhone & KeyRaider


Cue the fearmongering! Alert the media! Thousands millions of users’ data at risk!

Ok, so we don’t necessarily want to downplay the security risk of this newly discovered malware, dubbed KeyRaider, but we also want to be levelheaded about it. So let’s be clear from the start: it only affects your iPhone if you have jailbroken it. If you haven’t done any jailbreaking, if you have no clue what jailbreaking is, if you thought jailbreaks only happened down at the county lockup, then you should be fine.

Reports are saying that login information for as many as 225,000 Apple accounts may have been stolen using malware that targets jailbroken iPhones.

The research was published by Palo Alto Networks and Chinese technology group WeipTech. The breach apparently allows hackers to download apps using the hacked account, as well as remotely lock the device and hold it for ransom. Other reports I’ve seen suggest that Apple Pay info could be at risk, but I’ve not been able to confirm that.

Apple does not evaluate jailbreak tweaks, which is how it appears the malware has been spread. The tweaks have been downloaded more than 20,000 times, which leads researchers to believe that there are a lot of people taking advantage of the stolen account credentials.

Some people have reported unusual purchasing history in their App Store accounts while others have had their devices locked for ransom, according to researchers.

Apple advises users to not jailbreak their devices due to security issues. According to Apple’s support site:

“Jailbreaking your device eliminates security layers designed to protect your personal information and your iOS device. With this security removed from your iOS device, hackers may steal your personal information, damage your device, attack your network, or introduce malware, spyware or viruses.”

According to Palo Alto Networks, they reported the stolen data to Apple on August 26. They also noted that they were only able to recover half of the stolen account information before the hacker fixed the vulnerability.

It is strongly suggested that any possibly affected users change their Apple account password immediately after cleaning the malware from their system, and then enable two-factor verification for their Apple ID as an extra precaution.

If you’re running a jailbroken iOS device currently, it definitely would pay to check into things more closely, especially if you’ve noticed any unauthorized transactions at any time on your Apple ID.

Personally, I don’t jailbreak. When I used Android, I didn’t do much rooting. However, I know that there are people who love to do it. Just be careful out there.

Are you a jailbreaker? Have you noticed any weird activity? Let us know in the comments.

  Source: ABC News