Cloud Computing & Web Services | Samara Lynn | September 02, 2015

New Malware Hacks Over 200,000 Apple IDs

Palo Alto Networks reported new malware in the wild that stole over 225,000 valid Apple IDs. The company discovered the malware in cooperation with WeipTech, an online technical users' group.

The malware, which Palo Alto Networks dubbed “KeyRaider,” compromises jailbroken iOS devices and is distributed through third-party Cydia repositories throughout China. Cydia is software that finds and installs other software on jailbroken iOS devices.

KeyRaider didn't just steal over 225,000 Apple accounts. It also stole thousands of certificates, private keys, and purchasing receipts, according to Palo Alto Networks.

The malware executes the following behaviors:

As if those actions aren’t bad enough, KeyRaider also has built-in functionality to hold iOS devices for ransom. Palo Alto Networks states that “One victim reported that his phone was locked while prompted message in screen is 'Please contact by QQ or phone to unlock it.'”

Palo Alto Networks also issued this caution:

With a victim’s Apple account and password, attackers can launch all kinds of additional attacks. For example, they can control the device through iCloud and compromise the victim’s private data contained in their iMessage logs, contacts, photos, emails, documents and location. In 2014, for example, many celebrities’ iCloud accounts were hacked and photos leaked, which raised awareness of the threat from stolen Apple account credentials.

In addition, hackers can use stolen Apple IDs for numerous money-making schemes including using hacked accounts to promote their own apps in the App Store, purchasing apps with other users’ IDs, selling stolen IDs to spammers and wreaking all other kinds of havoc.

Some victims have already reported that their stolen Apple accounts show abnormal app purchases and others claimed their phones have been held for ransom.

Apple has yet to address Palo Alto Networks' finding via a statement or press release, but Palo Alto Networks offers the following advice for protecting your Apple ID from a KeyRaider attack:

Our primary suggestion for those who want to prevent KeyRaider and similar malware is to never jailbreak your iPhone or iPad if you can avoid it. At this point in time, there aren’t any Cydia repositories that perform strict security checks on apps or tweaks uploaded to them. Use all Cydia repositories at your own risk.

We also suggest all affected users change their Apple account password after removing the malware, and enable two-factor verifications for Apple IDs.

Image: Pixabay
