A new iOS threat has been revealed that affects more than 225,000 Apple users. Researchers from WeipTech and Palo Alto Networks have detected the malware, dubbed KeyRaider, along with thousands of Apple accounts and passwords that have already been stolen.
“We believe this to be the largest known Apple account theft caused by malware,” wrote Claud Xiao, researcher at Palo Alto Networks, in a blog post. “The malware hooks system processes through MobileSubstrate, and steals Apple account usernames, passwords and device GUID by intercepting iTunes traffic on the device. KeyRaider steals Apple push notification service certificates and private keys, steals and shares App Store purchasing information, and disables local and remote unlocking functionalities on iPhones and iPads.”
The malware is said to target jailbroken iOS devices, and it allows attackers to make in-app purchases without having to pay. The researchers believe about 20,000 users are abusing the 225,000 stolen accounts.
Other potential risks of KeyRaider include app promotion, cash back, spam, device unlocking, and other future attacks.