Researchers have discovered a new strain of iOS malware dubbed KeyRaider that targets jailbroken devices and has the ability to steal certificates, private keys, and Apple account information. The malware has already claimed the private Apple account data of more than 225,000 victims.
The KeyRaider malware was discovered by researchers at Palo Alto Networks, who were put onto the trail of the attack by WeipTech, a team of amateur enthusiasts in China that had come across a database storing the stolen Apple account data. The WeipTech team had heard multiple reports that some users’ Apple accounts were being hit with unauthorized purchases, and eventually found that users of jailbroken devices who had installed a specific “tweak”, or modification, were being targeted. User data was being gathered and uploaded to a remote server.