It has been collecting usernames, passwords, and payment information.
Palo Alto Networks, a security firm, announced that it has been cooperating with the amateur technology group WeipTech to identify malware that has affected over 225,000 Apple accounts.
The malware, which they have called “KeyRaider,” steals iTunes usernames, passwords, and payment information. It then stores everything on a server that is itself vulnerable to exposure, which is how WeipTech discovered it. With over 225,000 users affected, Palo Alto Networks is calling this “the largest known Apple account theft caused by malware.”
KeyRaider targets iPhones that have been “jailbroken,” meaning that they have been unlocked to allow the user to download programs that are not authorized by Apple. Although this practice gives you access past what Apple permits, it also strips your device of virtually all security measures.
Palo Alto Networks and WeipTech have discovered two iOS jailbreak tweaks, which have been downloaded upwards of 20,000 times, that allow users to get apps and in-app purchases without actually purchasing them. But someone still has to pay; thus, KeyRaider. The tweaks use the malware victims’ account information to allow users to download non-free items for free. KeyRaider has also been used to lock phones and hold them for ransom.
If you haven’t jailbroken your phone, you haven’t been affected. For those of you risk-takers who have, Palo Alto Networks shows you how to determine whether or not your iPhone has been infiltrated. Also, go ahead and un-jailbreak your phone; live the cautious life with the rest of us common folk.