KeyRaider malware steals 225,000 Apple Accounts

 

Photo: Palo Alto Networks

According to Palo Alto Networks:

KeyRaider has successfully stolen over 225,000 valid Apple accounts and thousands of certificates, private keys, and purchasing receipts. The malware uploads stolen data to its command and control (C2) server, which itself contains vulnerabilities that expose user information.

“We believe this to be the largest known Apple account theft caused by malware,” wrote Claud Xiao of Palo Alto Networks.

KeyRaider affects only devices that have been jailbroken.

It steals Apple account usernames, passwords and a device’s GUID by intercepting iTunes traffic, which it can then use to fraudulently download apps. The malware also collects certificates, private keys and purchase receipts.

In another style of attack, KeyRaider was used for at least one ransomware attempt.

Palo Alto Networks notified Apple of KeyRaider on Aug. 26 and provided the stolen account information, Xiao wrote.
Let’s see if anything is done.

Tip:
Get a BlackBerry. You don’t have to jailbreak it to make it useful, and you’re much less likely to be the target of this type of malevolence.

Blackjack

I am a longtime BlackBerry user and fan. Beginning with the 7520, I have recognized the value of subtle productivity enhancements in BlackBerry devices for business communication and have never since strayed. Even when the iPhone took the market by storm, I was unimpressed, because it did nothing to help my business needs. Currently enjoying my one-handed dream phone, the Classic! BB10 with a toolbelt! Today I contribute to UTB whenever I feel that I can help enlighten someone on the benefits of using BlackBerry over any other platform.
