Malware named KeyRaider has reportedly stolen the Apple login credentials of more than 225,000 Apple users. According to Palo Alto, a network security company, the malware stole Apple account data from users whose Apple devices run a jailbroken version of iOS.
Jailbreaking is used by a number of users, especially in countries like China. It modifies the operating system's original code to allow access to functions that are not normally available. On Apple devices running iOS, jailbreaking lets users install applications from sources other than the Apple App Store.
The KeyRaider malware app was bundled with a set of tools that was downloaded by a large number of Chinese Apple users. The name of the downloaded tool is Weiphone, and it can be installed only on instances of iOS that have been jailbroken. It is believed that the malware has affected in excess of 225,000 users in around 18 countries.
The malware hooks into SSL (Secure Sockets Layer), which encrypts data while it is being transferred. On jailbroken iOS devices, it manipulates the SSLRead and SSLWrite functions of SSL in the iOS itunesstored process. The itunesstored process handles SSL for iTunes and sets the parameters for communication between the device and the Apple App Store. Because the malware hooks into these SSL functions, it can steal users' Apple login IDs and other confidential information, leaving them vulnerable to account compromise. The malware also prevents users from unlocking their own iPhones.
WeipTech, a group of Chinese Apple users, has posted a list on its website with details of the users whose accounts might have been compromised by the malware.