KeyRaider: Another Reason to Not Jailbreak Your iPhone

With all due respect to some very talented developers who are firmly in the iOS jailbreak camp, it might be time for iPhone and iPad users to just give up those tweaks that they feel they can’t live without. Why? Newly discovered malware called KeyRaider is infecting only jailbroken iPhones, and it has already captured Apple account information from over 225,000 users worldwide.

According to an article by Claud Xiao at Palo Alto Networks, KeyRaider targets only jailbroken iOS devices and is distributed through third-party Cydia app repositories in China. Although many of the apps are targeted at Chinese-speaking jailbreakers, the malware has affected users from a total of 18 countries including the United States.

The malware steals Apple account information by intercepting iTunes traffic, steals push notification service certificates and private keys, and steals and shares App Store purchasing information. KeyRaider sets up users of two iOS jailbreak tweaks (software packages that let users do things that are usually impossible when using standard iOS) so that they can download applications from the App Store and make in-app purchases without paying. Who pays for the apps? The 225,000 people whose credentials have been stolen.

Worst of all, KeyRaider also disables local and remote unlocking functions on iPhones and iPads, making it possible to hold iOS devices for ransom. KeyRaider can make it impossible to unlock an iOS device, even if the correct password or passcode has been entered. It can also send a ransom notification to the user without going through Apple’s servers, asking the user to call or text a number for instructions on how to pay to get their device unlocked.

The best prevention of this type of malware? Don’t jailbreak your device.

Steve Sande
Contributing Author
Steve has been writing about Apple products since 1986, starting on a bulletin board system, creating the first of his many Apple-related websites in 1994, joining the staff of The Unofficial Apple Weblog in 2008, and founding Apple World Today in 2015. He’s semi-retired, loves to camp and take photos, and is an FAA-licensed drone pilot.