KeyRaider Hits Apple

Wait for it. 225,000 Apple accounts have been compromised by the KeyRaider malware.

The stolen account information was found by WeipTech on a command-and-control server that communicates with KeyRaider-infected phones. That server had security vulnerabilities which allowed the group to obtain the stolen data. But KeyRaider’s authors figured out something was going on.

iOS has been regarded as the “safe” operating system – believed by many to be impenetrable, but how true is that? That’s the question mobile security firm Lookout asked itself before taking a closer look at Apple’s ecosystem for malware.

Their conclusion? The iOS App Store is not the impenetrable walled garden you think it is.


From Network World

Palo Alto Networks investigated KeyRaider with an amateur technical group in China called WeipTech. A member of that group, who is a student at Yangzhou University, discovered the attack, Xiao wrote.

KeyRaider has been spread by being incorporated into jailbreak tweaks, or software packages that allow for some new function to be run on iOS. The malware has been found within tweaks published on the Weiphone forum for jailbroken phones.

It is suspected that a user, who goes by the username “mischa07” on Weiphone, may be responsible for seeding KeyRaider to his personal repository of apps. The same username was hardcoded into KeyRaider as the encryption and decryption key for the malware, Xiao wrote.

Article: ‘KeyRaider’ iOS malware targets jailbroken devices