Jailbroken iPhones Give Up Apple IDs in Malware Attack

| News

The iPhone jailbreak community is facing a malware threat that steals user's Apple IDs and passwords. Since the threat targets only iPhones and iPads that have been hacked to allow the installation of unauthorized apps, most users are safe.

Unflod malware steals Apple IDs from jailbroken iPhones and iPadsUnflod malware steals Apple IDs from jailbroken iPhones and iPads

The malware threat, dubbed Unflod, grabs Apple ID information before it's encrypted for transfer to Apple's servers, and then transmitted to hackers. So far, security researchers have been able to identify the malware, but haven't figured out exactly where it came from.

"The malicious file can only affect jailbroken devices, and SophosLabs hasn't had any reports of 'in the wild' infections yet," said Paul Ducklin from the security research company Sophos.

It isn't a big surprise that Unflod targets jailbroken devices, meaning iPhones and iPads hacked to let users install apps that haven't been vetted by Apple's iTunes App Store. Since code can be installed that Apple hasn't approved, it's much easier to trick users into loading apps with malicious payloads.

The easiest way to avoid Unflod is by not jailbreaking your iOS device. If you already have, and you're concerned about the threat Unflod poses, you need to restore your iPhone or iPad to its unjailbroken state.

The Mac Observer Spin The Mac Observer Spin is how we show you what our authors think about a news story at quick glance. Read More →

People may complain about Apple's "walled garden" approach to the App Store, but it does help keep out malicious threats like Unflod.

Popular TMO Stories



Who complains about Apple’s “walled garden” approach to the App Store?!?!? Nobody on TMO!!


Sorry but I just had a Nelson moment.

Log in to comment (TMO, Twitter or Facebook) or Register for a TMO account