Until know, hackers have stolen more than 250.000 Apple account.
Palo Alto Networks, a security company, named this attack “the largest known Apple account theft caused by malware.” This Company discovered the hack together with Chinese tech group WeipTech.
For most iPhone customers, the good news us that this malware, named KeyRaider, targets only the “jailbroken” iPhones. Jail-breaking will allow iPhone owners to access parts of a phone’s part system, parts that are restricted for security reasons.
HeyRider is mostly found in Chinese apps and websites that provide software for jailbroken iPhones. However, this malware spread far beyond China and now exists in18 countries, along with United States.
An iPhone infected with this KeyRidere malware will give up all of its owner’s iTunes App Store information to the hackers. Including the password, the iPhone’s unique ID and the Apple account username. Also, the hackers can steal all the information about the owner’s App Store purchases.
The hackers won’t keep all this juts for themselves. They allow other people to take advantage of the stolen account information. Until now, the hackers uploaded software that lets other people obtain iTunes apps for “free”, using the victims’ accounts. An interesting fact is that about 20.000 peoples have downloaded the software that allows them to steal from the 255.000 affected iPhone owners.
Nicko Van Someren, the chief technology officer of mobile security company Good Technology, said “Users … need to consider carefully if the additional functionality is worth the additional risk.”