Researchers for Weiptech and Palo Alto networks revealed today that more than 225,000 valid Apple accounts were stolen from jailbroken users without their knowledge.
The credentials were stolen via malware that was distributed using the popular jailbreak tool Cydia, which makes it easy to install tweaks and researchers report that accounts from 18 countries were stolen.
More than half the email addresses discovered used Tenecent’s email services, though qq.com, 163.com and icloud.com were the next most popular.
The malware, called KeyRaider, uploaded stolen logins to a server which contained vulnerabilities itself.
The researchers reverse-engineered the hack and attacked the control server where the data was stored, getting in via a SQL injection vulnerability and downloading around half of the entries before being cut off.
KeyRaider was only found to be distributed via apps found in Weiphone’s Cydia repositories and sent back credentials, purchasing receipts, device IDs and other data without user knowledge.
If you’re into the nitty-gritty, you can read more details here, but the news highlights yet another reason to not jailbreak iPhones in 2015.
Earlier this year we learnt that Hacking Team was exploiting jailbroken users to gather information about them without their knowledge on behalf of rogue governments.
What’s the best way to protect against such attacks? Avoiding jailbreak, as tempting as it may be. These days it’s far less necessary than it used to be and isn’t worth the risk.
➤ iOS malware steals 225,000 Apple accounts [Palo Alto Networks]
Get the TNW newsletter
Get the most important tech news in your inbox each week.