Apple has a very tightly controlled ecosystem when it comes to iOS, which annoys some people as Google’s Android OS is exactly the opposite of that. That leads some people to “jailbreak” their devices or open them up so that they can do anything that they want. I’ve always said that “jailbreaking” an iOS device is not a good idea as it potentially opens you up to a world of hurt. Case in point is the “KeyRaider” malware that is in the wild. Here’s what it does according to researchers at Palo Alto:
KeyRaider targets jailbroken iOS devices and is distributed through third-party Cydia repositories in China. In total, it appears this threat may have impacted users from 18 countries including China, France, Russia, Japan, United Kingdom, United States, Canada, Germany, Australia, Israel, Italy, Spain, Singapore, and South Korea.
The malware hooks system processes through MobileSubstrate, and steals Apple account usernames, passwords and device GUID by intercepting iTunes traffic on the device. KeyRaider steals Apple push notification service certificates and private keys, steals and shares App Store purchasing information, and disables local and remote unlocking functionalities on iPhones and iPads.
KeyRaider has successfully stolen over 225,000 valid Apple accounts and thousands of certificates, private keys, and purchasing receipts. The malware uploads stolen data to its command and control (C2) server, which itself contains vulnerabilities that expose user information.
Needless to say, if you haven’t jailbroken your iDevice, you have nothing to worry about. Now this piece of malware comes on the heels of the Hacking Team iOS malware that only works if you have a “jailbroken” iDevice. This underscores the fact that you are much better off running the default software that came with your iDevice. It’s not as interesting, but it’s way safer.
This entry was posted on August 31, 2015 at 2:19 pm and is filed under Commentary with tags Apple, Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Another Reason Not To Jailbreak Your iDevice… “KeyRaider” Malware Is On The Loose