Login credentials for 225,000 Apple customers stolen, leaked online

JAILBREAKING your iPhone to install third-party apps not offered by the Apple Store might have been a great idea at the time, but hindsight is a wonderful thing.

Researchers at Palo Alto Networks have discovered a security threat that has collected the login credentials of more than 225,000 Apple customers using jailbroken iPhones.

The malware, known as KeyRaider, is primarily distributed in apps downloaded from the third-party app delivery platform Cydia.

While China has been the hardest hit, the threat is believed to have impacted users from 18 countries including America, Canada and Australia.

“[The malware] steals Apple account usernames, passwords and device GUID by intercepting iTunes traffic on the device,” Palo Alto Networks wrote.

“KeyRaider steals Apple push notification service certificates and private keys, steals and shares App Store purchasing information, and disables local and remote unlocking functionalities on iPhones and iPads.”

Chinese technology firm WeipTech has since located half the database of stolen account information and has created an online checker for users to see if they have been compromised (Note: Google Translate may be required as the website is in Chinese).

However, if your iPhone still has the default configurations, there is no need to check as the bug only affects jailbroken devices.

If you have been caught out in the hacking scandal, it is suggested you clear your phone to delete the corrupted files.

It is also being suggested all affected users change their Apple account password after removing the malware.

Source: http://www.news.com.au/technology/online/login-credentials-for-225000-apple-customers-stolen-leaked-online/story-fnjwnj25-1227508036288

. . . . . . . .

Print Friendly

Leave a Reply