More than 225,000 Apple accounts have been stolen from iPhone and iPad users by a jailbreak tweak dubbed \u201cKeyRaider.\u201d It\u2019s thought to be the biggest theft of its kind on iOS, and most of the users affected live in China.<\/p>\n
<\/p>\n
Discovered by Palo Alto Networks, KeyRaider intercepted iTunes traffic once installed on jailbroken iOS devices, collecting Apple usernames, passwords, and device IDs. While most of the users affected live in China, it\u2019s thought\u00a0KeyRaider was installed in 18 countries in total, including several throughout Europe. It\u00a0doesn\u2019t appear to have made its way to the U.S., however.<\/p>\n
\u201cKeyRaider steals Apple push notification service certificates and private keys, steals and shares App Store purchasing information, and disables local and remote unlocking functionalities on iPhones and iPads,\u201d explains Palo Alto Networks.<\/p>\n
Some victims report that unauthorized purchases were made with their account, while others say their devices have been \u201cheld for ransom,\u201d and they are unable to use them at all.<\/p>\n
To be affected by KeyRaider, users will have first had to jailbreak their device and then install the tweak. However, in China, where many Apple devices are purchased on the gray market, many are sold already\u00a0jailbroken with third-party tweaks pre-installed.<\/p>\n
Palo Alto Networks has provided step-by-step instructions that allow jailbreakers to find out whether KeyRaider has been installed on their device, which you can find via the source link below.<\/p>\n