Editor in Chief
- Jul 27, 2011
- Reaction score
For the most part, Apple is very good at weeding out potential security vulnerabilities in iOS. Because of the exceptional control they keep over their operating system and its ecosystem, it is rare when we see a big data breach, but that doesn't mean it never happens. Today is such a day, but it also is not really Apple's fault.
According to the latest report, over 225,000 user accounts have been stolen by a new malware exploit called KeyRaider. The breached accounts will have affected people in 18 countries including China, France, Russia, Japan, United Kingdom, United States, Canada, Germany, Australia, Israel, Italy, Spain, Singapore, and South Korea. What is notable about this breach is that all of the devices which had their account info stolen were jailbroken devices.
Here's a quote with more of the details,
The malware app steals Apple credentials and GUIDs and then uses the data in combination with other tricks — such as stealing Apple push notification service certificates and private keys, disabling local and remote unlocking functionality, sharing App Store purchasing information – to let others download premium App Store content for free, including in-app purchases, on other devices.
The scary part is that the malware tool can be used to hold affected devices for ransom.
“It can locally disable any kind of unlocking operations, whether the correct passcode or password has been entered,” the researchers wrote. “Also, it can send a notification message demanding a ransom directly using the stolen certificate and private key, without going through Apple’s push server. Because of this functionality, some of previously used ‘rescue’ methods are no longer effective.” At least one user has been targeted in such a manner. ~ BGR
For those who might be worried that they are one of the affected users, you can use this website to check to see if your account was breached: iCloud账号泄露查询 - By 威锋技术组. (It's in Chinese, so you will need to activate Google Translate.)