KeyRaider has successfully stolen over 225,000 valid Apple accounts and thousands of certificates, private keys, and purchasing receipts. The malware uploads stolen data to its command and control (C2) server, which itself contains vulnerabilities that expose user information.
“We believe this to be the largest known Apple account theft caused by malware,” wrote Claud Xiao of Palo Alto Networks.
KeyRaider affects only devices that have been jailbroken.
It steals Apple account usernames, passwords and a device’s GUID by intercepting iTunes traffic, and can then use them to fraudulently download apps. The malware also collects certificates, private keys and purchase receipts.
In another style of attack, KeyRaider was used for at least one ransomware attempt.
Palo Alto Networks notified Apple of KeyRaider on Aug. 26 and provided the stolen account information, Xiao wrote.
Let’s see if anything is done.
Get a BlackBerry. You don’t have to jailbreak it to make it useful, and you’re much less likely to be the target of this type of malevolence.