iPhone Jailbreakers Hit with ID Stealing Hack

Security researchers at Palo Alto Networks found another reason to not jailbreak your iPhone: KeyRaider. This nasty bit of malware steals your Apple account user name and password, device GUID, push notification certificates, and more. The upside is that most iPhone and iPad owners don't have to worry about the threat even though Palo Alto Networks says KeyRaider is responsible for the single largest malware-based Apple account theft to date.

KeyRaider malware steals Apple IDs from jailbroken iPhones

"KeyRaider has successfully stolen over 225,000 valid Apple accounts and thousands of certificates, private keys, and purchasing receipts," PAN's report said. "The malware uploads stolen data to its command and control (C2) server, which itself contains vulnerabilities that expose user information."

Once hackers have victims' Apple IDs, they can make purchases on those accounts, and some people say their iPhones have been locked until they pay a ransom.

For most iPhone users, this is little more than a cautionary tale about the importance of staying inside the walled garden of Apple's App Store. The victims used a process called jailbreaking to hack their iPhones so they could install apps that aren't available through the App Store.

While many apps available to jailbreakers are safe, there isn't any vetting process to make sure malware doesn't find its way onto your iPhone or iPad. In this case, most of the jailbreakers hit by KeyRaider are in China and loaded unauthorized apps through the Cydia service.

The easy way to avoid KeyRaider and other iOS-targeted malware is to stay away from the jailbreak scene. Don't hack your iPhone, and don't try to install apps outside of Apple's App Store.