Last week, we reported that more than 220,000 iCloud accounts, the vast majority of them in China, had their passwords leaked through a tweak installed on iPhones with jailbreak. More details have recently emerged about the case.
In a very long article, Palo Alto Networks stated that this malware now identified as "KeyRaider" was already responsible for capturing over 225,000 Apple IDs, including users, passwords and payment data.
The curious and ironic part of the story is that criminals are reaching the point of "hijacking" affected iPhones, blocking them until a "ransom" is paid. That is, only people who chose to do jailbreak to ?break free? from the bonds of Apple and who are now suffering in the hands of bad guys.
But with a certain reason, I would say. In partnership with the WeipTech group, PAN found that the ?KeyRaider? was found in at least two tweaks responsible for see s piracy apps and in-app purchases.
Concerned users can check whether they are infected or not by following some rather complicated / advanced instructions that PAN has posted in their post. As for the ?hijacked? devices, it is not clear whether putting the iPhone in DFU mode and restoring it solves the problem, but it is possible that it does.
Remember that this malware does not affect, no way, iPhones without jailbreak (that is, Apple itself has nothing to do). In addition, most of those affected among those 225,000 were even Chinese.
(via TechCrunch, Cult of Mac)