Unprecedented Malware Attack Hits Jailbroken iPhones

If you have been waiting for a persuasive, and quite frankly conclusive, argument against jailbreaking your iPhone, that wait is over. Apple’s iOS has just experienced its largest ever malware attack, affecting more than 225,000 users, all of whom had jailbroken their iPhones. The malware, nicknamed KeyRaider by IT security specialists Palo Alto Networks, allows hackers complete access to the user’s Apple accounts, granting them administrative rights and virtual control over the device and the data contained within. So far, the attack has been largely concentrated in China, which stands as Apple’s largest market for its flagship iPhone. That being said, the West has not been untouched by the security breach, which is said to be spreading to more than 18 countries, including the UK, US, Canada, Germany, and France.

Compromised Security

Jailbreaking an iPhone allows the user to download and install a wider variety of third-party apps, and many people have taken this route as a way to increase their access to software. However, these apps are neither vetted nor approved by Apple, and they circumvent the company’s meticulous security protocols. KeyRaider is piggybacking on these third-party apps, most of which are being supplied by Cydia, a software platform that caters to jailbroken iPhones. The attack is more widespread in China because the country is the largest market for the iPhone and jailbreaking is more common there than in the West. But make no mistake: while the malware may be more common in China, the KeyRaider attack has extended far beyond its borders.

Largest Apple Account Theft in History

Working in conjunction with the China-based iPhone user group WeipTech, Palo Alto Networks was able to identify 92 different iterations of the KeyRaider malware. Together, they found more than 225,000 valid Apple accounts, with passwords, certificates, and private keys, stored on KeyRaider’s command-and-control servers. The stolen account details were mostly used to download paid software and to make in-app purchases through Apple’s App Store, all for free and without the account owner’s knowledge. It was this irregular purchasing pattern that led WeipTech to recognize the attack, and to ultimately track down and identify the KeyRaider malware. Claud Xiao, a researcher with Palo Alto, has called it “the largest known Apple account theft caused by malware”.

Held to Ransom

Unfortunately, the KeyRaider malware attack may go further than simple theft and fraud. The harvested account details also give hackers direct access to the owner’s device, allowing them to take control of the lock function and to quite literally hold the phone for ransom. Users are locked out of their iPhones until they pay the hacker a ransom in exchange for the code that will unlock the handset and restore control of the device. Ransomware has become a growing problem for smartphones, particularly those running the Android operating system. But this new malware attack has put Apple, and its customers, in the ransom crosshairs.

Protecting Yourself and Your Accounts

As massive as this malware attack is, it is important to point out that if you haven’t jailbroken your iPhone, you are safe. Apple’s security protocols are some of the best in the business, and KeyRaider can only infect those devices that have been modified. If you have jailbroken your iPhone, but have been careful not to download any suspicious apps, chances are good that you are still safe. However, if you have downloaded any third-party apps that you feel may be suspect, or you simply want to put your mind at ease, you should check your iPhone immediately to see if it has been infected by the KeyRaider malware.

The jailbreaking of iPhones has become fairly popular of late, mostly due to the public’s dislike of having their software choices so intensively controlled by a company, even a company as popular as Apple. But the KeyRaider malware should illustrate the potential dangers of modifying your iPhone (or any smartphone for that matter) against the manufacturer’s advice. Apple has been extremely vocal in its opposition to users modifying their devices, and while there is little they can do to stop the public from jailbreaking their own iPhones, it would appear that they know best. This latest malware attack, the largest in Apple’s history, should demonstrate to anyone considering jailbreaking their iPhone that Apple knows what they’re doing, and it’s wise to follow their security advice to the letter.
