YIBADA

225000 iPhone Accounts Hacked: Chinese Malware Steals Passwords

| Sep 02, 2015 09:41 PM EDT

Rumors claim that Apple will focus heavily on the iPhone and Apple TV on its upcoming event.

Thinking of jailbreaking your iPhone? This may make you think twice: more than 225, 000 iPhone accounts had been hacked using a malware, a US-based security company claimed.

In a white paper, Palo Alto Networks posted its findings that at least 225, 000 iPhone accounts has been hacked by a malicious software found mostly on Chinese websites and apps that offer software to jailbreak iOs devices.

"In cooperation with WeipTech, we have identified 92 samples of a new iOS malware family in the wild. We have analyzed the samples to determine the author’s ultimate goal and have named this malware “KeyRaider”, wrote Claud Xiao in the executive summary of his paper for Palo Alto Networks

"We believe this to be the largest known Apple account theft caused by malware."

The malicious software, identified as KeyRaider, targets jailbroken iOS devices and is distributed in China. It is estimated that the malware managed to affect users from 18 countries including the United States, Canada, United Kingdom, China, and Australia among others.

Once the jailbroken iOs device is affected by the malware, hackers can easily retrieve the owner's iTune account information, such as Apple account name, password, and the device's unique ID.

But hackers are not only keeping the information for them to use, they are also allowing other parties to use the information. Hackers have uploaded a software that allows third parties to exploit the victim's information. According to the paper, about 20, 000 users have downloaded the software to access the information from the estimated 225, 000 hacked iPhone accounts.

Jailbreaking allows sophisticated iOs device users to bypass security measures placed by Apple in order to customize the phone to their liking, and allow them to download Apps that are not available on the official App Store. However, it comes with a risk: it also allows hackers to access information that the security measures were set to prevent.

Xiao wrote that some victims has reported unauthorized purchases and installation of apps, as early as July 2015.

Related News

Most Popular

EDITOR'S PICK