Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
IOS China Security Apple

Over 225,000 Apple Accounts Compromised Via iOS Malware 217

An anonymous reader writes: Researchers from Palo Alto Networks and WeipTech have unearthed a scheme that resulted in the largest known Apple account theft caused by malware. All in all, some 225,000 valid Apple accounts have been compromised. The theft is executed via variants of the KeyRaider iOS malware, which targets jailbroken iOS devices. Most of the victims are Chinese — the malware is distributed through third-party Cydia repositories in China — but users in other countries have also been affected (European countries, the U.S., Australia, South Korea, and so on). "The malware hooks system processes through MobileSubstrate, and steals Apple account usernames, passwords and device GUID by intercepting iTunes traffic on the device," Palo Alto researcher Claud Xiao explained. "KeyRaider steals Apple push notification service certificates and private keys, steals and shares App Store purchasing information, and disables local and remote unlocking functionalities on iPhones and iPads."
This discussion has been archived. No new comments can be posted.

Over 225,000 Apple Accounts Compromised Via iOS Malware

Comments Filter:
  • by Anonymous Coward on Monday August 31, 2015 @08:45AM (#50426091)
    Only jail broken devices were affected. Anyone who jail breaks is aware of the risk they are taking.
    • by geogob ( 569250 ) on Monday August 31, 2015 @09:31AM (#50426525)

      Anyone who jail breaks is aware of the risk they are taking.

      I think they just heard me laugh all the way to China. Seriously, most people can't even grasp the concept of risk when think of software and operating systems. How in the world do you expect them to understand those risk?

      No. Contrary to some believes, most (as in almost) all jailbrokers have no clue what they do and have no idea of what are the risks involved and how important (or not) they are.

    • Correct question is "why do they jailbreak?".

      • Correct question is "why do they jailbreak?".

        It said most of the affected devices were in China, infected via a third-party Cydia site. Meaning, they jailbreak so they can install pirated apps for free instead of paying Apple in the official app store.

  • by berj ( 754323 ) on Monday August 31, 2015 @08:45AM (#50426093)

    Headline leaves out the fact that this isn't just any old iOS malware. It affects only *jailbroken* devices.

    That's a pretty important distinction.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      Well, it's the same distinction that people miss on over 99% of android malware. The overwhelming majority of the malware is only viable on rooted devices and is spread via third-party app stores and "free" APK download sites.

    • by gstoddart ( 321705 ) on Monday August 31, 2015 @08:57AM (#50426201) Homepage

      Oh, really?

      The theft is executed via variants of the KeyRaider iOS malware, which targets jailbroken iOS devices. Most of the victims are Chinese â" the malware is distributed through third-party Cydia repositories in China

      The headline might leave it out, but the summary sure makes it plain.

  • I'm pretty sure technology will drive us toward a paper cash-only society.
    • by linuxguy ( 98493 )

      > I'm pretty sure technology will drive us toward a paper cash-only society.

      This story isn't about someone's bank account being depleted because of software security issues.

      For every story you show me where someone lost cash electronically because of software security issue, I will show you 10 where someone lost paper cash. Either it was stolen from their house, work or they were robbed on the street.

      Is paper cash more secure than electronic cash and transactions? The data certainly does not show it.

  • by Aqualung812 ( 959532 ) on Monday August 31, 2015 @09:22AM (#50426449)

    I'm an Apple iOS user, and a former Palm/Windows CE/Blackberry/Windows Phone/Android user.

    I simply don't understand jailbreaking an iPhone. The whole point of me having an iPhone is to take advantage of the walled garden.

    If I want something with better hardware on a lower price that I can customize any way I want, I'd have an Android again.

    Since having a reliable and secure phone is more important to me than features, I have have decided to get an iPhone and not jailbreak it.

    Can those that do jailbreak explain why they don't go to Android?

    • by brunes69 ( 86786 )

      If you had ever used a jailbroken iPhone and realized the capabilities it unlocks, you would change your mind.

      The idea that a jailbroken iPhone is more or less secure than an unjailbroken one is a fallacy. The people got this malware by downloading and installing pirated iOS applications that were infected with it - something that is ENABLED by jailbreaking. Just because a phone is jailbroken does not put it into some unsecure state, you have to do that yourself.

      • by joh ( 27088 ) on Monday August 31, 2015 @09:48AM (#50426667)

        Of course jailbreaking iOS puts it into some insecure state. Quite literally. Jailbreaking circumvents code signing for all code that runs on the device which means that every bit of code that makes its way onto the phone will happily run now. Also using the repositories means that you will install undocumented binary code from unknown people. Since you don't have the sources there is no way to check what this code does and since whoever wrote that code faces no risk when his code is discovered to be malware there's very little you can do after the fact.

        This is less secure than a device that is not jailbroken.

        I mean, do what you want to do by all means, but at least try to know what you're doing so you can correctly balance the risks and advantages you get by what you're doing.

      • If you had ever used a jailbroken iPhone and realized the capabilities it unlocks, you would change your mind

        I'm aware of the capabilities it unlocks, but I'm just curious why I'd accept the lost stability, not just security, that happens when using an iPhone outside of the way it was designed.

        Apple is great at doing the things they intended you to do with the device. It is well known that if you try to use an Apple device in a way it wasn't designed for, it will be frustrating and difficult.

        You're swimming upstream on a jailbroken Apple iOS. Why not use an Android, which was designed with a totally different and

        • by brunes69 ( 86786 )

          Nearly all Android phones come carrier bootloader locked so I would hardly say they have a "different and open mentality".

          Even Google's Nexus phones come with a locked bootloader that needs to be unlocked in order to root the phone and do the equivalent of what you do with a jailbroken iphone.

      • by jo_ham ( 604554 )

        You mean like the jailbreak exploit that left an open SSH listen with a default root username and password?

        Mm. Super secure, just like before it was rooted.

    • How exactly does one take advantage of walls that only prevent you from enjoying more garden?
      • How exactly does one take advantage of walls that only prevent you from enjoying more garden?

        The walls that keep me in keep the pests and intruders out. Sure, there is garden I'm missing out on, but I have enough garden to meet my needs and I never find that my vegetables are stolen or burned when I go to my garden.

        More freedom has more risk, in pretty much any venue.

        I used to do some CRAZY shit with my non-Apple phones. Then came the day that the latest app I installed and modified kept me from making a business call while travelling away from a computer which was needed to regain control of my de

    • There is no advantage to the iPhone's walled garden.
      On Android, you can allow "unknown sources" if you want to. That option is disabled by default. You would be free not to check it on Android.

      I understand that some people prefer the iPhone and/or iOS, for various reasons, but the walled garden is really not something I even consider an argument.

    • There are quite a few nifty features and tweaks available to a JB device that aren't possible on stock iOS. As others have mentioned, finer grained OS controls like f.lux, the ability to actually interact with the filesystem (on the device or plugged in), disallowed apps like emulators, removing stock apps, etc. It drove me nuts that on my first iPhone, I could silence every singe sound and vibration--but every time I plugged it in, it buzzed at me. I had to jailbreak to get rid of that.

      As another pos
      • Many of those features would be trivial for Apple to implement as advanced settings (hell, solitary coders are writing this stuff and giving it away for free), and not against the Apple ethos (unlike, say, emulators). But for now you have to expose yourself to security risks in order to do all this useful stuff with your expensive pocket computer.

        I 100% agree with everything you're saying there. My Motorola RAZR had per-person MMS custom ringtones before the iPhone was even released, and it took them until iOS 5 or so until they allowed that. Stupid.

        Worst case, make it something that can only be enabled with a bit of work, like how you have to use their tool to install certificates and other higher-level stuff.

        While it annoys me that I can do many things that should be trivial and some UX god at Apple is preventing me from doing it, the main reason

    • Since having a reliable and secure phone is more important to me than features, I have have decided to get an iPhone and not jailbreak it.

      You obviously didn't do any research then. The iPhone can be compromised via malicious websites with no user interaction. Apple is also really slow to fix such problems (fixes are often available via Cydia the same day, Apple can take months). How many malicious text message bugs does it take before people realize what Apple's focus is, making money, not security.

  • "Jailbroken" needs to be in the title of this story and and in the first sentence. It is the critical factor to the story. Not having it there simply makes this a troll.
  • "The theft is executed via variants of the KeyRaider iOS malware, which targets jailbroken iOS devices"

    How exactly does the KeyRaider malware get onto the device without the end user visiting a compromised repository and downloading and installing the malware?

"Nuclear war can ruin your whole compile." -- Karl Lehenbauer

Working...