Apple is known for its hardcore security, but what can be done if a user has jailbroken their phone? A recent piece of iOS malware has given rise to the biggest ever cyber theft. The new malware has helped hackers acquire 250,000 Apple accounts. A research team at Palo Alto Networks has named the malware KeyRaider. The malware works in cooperation with an app called Cydia, which makes the Apple accounts more vulnerable to threats.
Apple always advises its users not to jailbreak devices or do anything that might be deleterious to the security of the phone's systems, but users do not always pay heed. The theft has been identified as the biggest ever. Once a user has downloaded the app, the malware affects the device's internal security and starts intercepting iTunes traffic. After that, the KeyRaider malware begins to hijack its data. According to Palo Alto Networks, “KeyRaider steals Apple push notification service certificates and private keys, steals and shares App Store purchasing information, and disables local and remote unlocking functionalities on iPhones and iPads.”
The malware will not only gather all passwords and security credentials but also make app purchases without the user's permission. The issue was first encountered by a student in China who wondered about unwanted app purchases from his jailbroken iPhone. From that incident, researchers started working on the malware. Palo Alto said that the malware has the ability to locally disable any kind of unlocking operation, such as entering the correct passcode. “Also, it can send a notification message demanding a ransom directly using the stolen certificate and private key, without going through Apple’s push server. Because of this functionality, some of previously used “rescue” methods are no longer effective,” said Palo Alto.