Backdoor Privacy Attack
Update: In a separate research, security researchers at Palo Alto Networks discovered an iPhone malware, which they dubbed as "KeyRaider," that stole more than 225,000 credentials from jailbroken devices.
According to security researchers, KeyRaider is capable of:
- Stealing Usernames and Passwords from Jailbroken Apple devices
- Stealing device's unique identifier (GUID)
- Stealing App Store purchase information
- Locking victim's device and hold it for Ransom
The malware was delivered through a third-party repository for Cydia – App Store for jailbroken iPhones.
According to Palo Alto Networks, this is the largest theft of Apple user credentials executed with malware.
Most victims of KeyRaider are in China, the security firm said, but the threat may have impacted victims from 17 other countries including the United Kingdom, United States, France, Canada, South Korea and Germany.
Who is Affected?
How to Protect Yourself?
- Enable 2 Factor Authentication for your iCloud Account
- Do not add shady third-party repositories to Cydia
- Do not install jailbreak tweaks from unknown and untrusted sources
- Do not pirate tweaks or apps