Hackers raid Apple accounts via jail-broken iPhones
San Francisco, September 2
Hackers targeting jail-broken iPhones have raided more than 225,000 Apple accounts, using them for app-buying sprees or to hold phones for ransom, researchers said on Tuesday.
Jail-broken means modified to run apps not sanctioned by Apple. “We believe this to be the largest known Apple account theft caused by malware,” computer security firm Palo Alto Networks said.
An attack using malicious code dubbed ‘KeyRaider’ was discovered by WeipTech, an amateur technical group from Weiphone, described as one of the largest Apple fan websites in China.
In July, WeipTech members began investigating reports that some people’s Apple accounts were used to make unauthorised purchases or application installations. WeipTech worked with Palo Alto Networks to uncover KeyRaider.
KeyRaider is being distributed through Cydia repositories in China but may be affecting users in 18 countries, including France, Australia, and the United States, according to Palo Alto Networks.
Cydia repositories are locations where software for jail-broken iPhones can be found and installed.
KeyRaider targets Apple mobile devices that have been jail-broken, or altered to run applications or other software not sanctioned by the California-based maker of iPhones, iPads, and iPods.
The malicious code steals Apple account information by intercepting iTunes traffic and App Store purchase data. It can also be used to thwart users from unlocking iPhones or iPads, according to researchers.