“Jailbreak tweaks are software packages that allow users to perform actions that aren’t typically possible on iOS“, they’ve added.
Advertisement
According a report from Palo Alto Networks Inc. released this week, WeipTech, a group of Chinese cybersecurity enthusiasts, recently discovered more than 225,000 Apple accounts had been compromised after several users had notified the group of suspicious iOS activity.
The hackers then use the knowledge to permit others to obtain one other piece of software program that gives paid iOS apps free of charge by means of the stolen account info. WeipTech alerted Palo Alto Networks and the two organizations soon identified a new iOS malware family, dubbed “KeyRaider,”that specifically targets jailbroken devices”.
The attack makes it possible for people to download jailbreak tweaks to make unauthorized in-app purchases without paying for them.
Security company Symantec told the BBC, “Third-party app stores often don’t have the same controls and policies in place when it comes to the software they distribute and may be used to harbor malicious copies of well-known apps or other malware”. The aforementioned site said that at this very moment, there could be around 20,000 users exploiting these hacked Apple IDs and passwords to their hearts’ content. The theft is even more alarming for those with “jailbroken” phones for the sake of evading Apple’s hardware security-based restrictions to access prohibited apps and tailor phone interface. KeyRaider steals usernames, passwords and device GUID (globally unique identifier) by “intercepting iTunes traffic”.
The malware, which has mainly affected users in China, can lock phones and steal user information, allowing those behind the malware to issue ransom requests to unlock phones. The customization, however, puts their devices at risk of what has been called, “the largest known Apple account theft caused by Malware”.
So, from an iPhone owner’s perspective, the upside of jailbreaking your phone is that (obviously) you have the freedom to install any compatible app, rather than be limited to the narrower selection pre-approved by Apple.
“Seriously, it’s not just about the free-download of the pirate apps”, explains Lu. It was distributed widely through an alternative App Store website known as Cydia in China.
Advertisement
“Users … need to consider carefully if the additional functionality is worth the additional risk.”
