The popular iDevice jailbreaking tool and app market Cydia was the source of new malware dubbed “KeyRaider”. As a result, upwards of 225,000 jailbroken devices have been affected. According to Palo Alto Networks, this is the largest theft of Apple credentials to date.
In cooperation with WeipTech, we have identified 92 samples of a new iOS malware family in the wild. We have analyzed the samples to determine the author’s ultimate goal and have named this malware “KeyRaider”. We believe this to be the largest known Apple account theft caused by malware. – Palo Alto Networks
The compromised data included user accounts, purchase history, private keys and certificates. The apparent intent of the original code was to bypass in-app purchases and allow the user to access paid content for free, but the server where this information was stored was unsecured and allowed access to the data via SQL injection. For more information, and for how to protect yourself if you’re an Apple user, head on over to Palo Alto Networks’ site.