Recently, WeipTech was analyzing suspicious Apple iOS tweaks reported by users and found over 225,000 valid Apple accounts with passwords stored on a server. In cooperation with WeipTech, we have identified 92 samples of a new iOS malware family in the wild. We have analyzed the samples to determine the author’s ultimate goal and have named this malware “KeyRaider”. We believe this to be the largest known Apple account theft caused by malware.

KeyRaider targets jailbroken iOS devices and is distributed through third-party Cydia repositories in China. In total, it appears this threat may have impacted users from 18 countries including China, France, Russia, Japan, United Kingdom, United States, Canada, Germany, Australia, Israel, Italy, Spain, Singapore, and South Korea.

The malware hooks system processes through MobileSubstrate, and steals Apple account usernames, passwords and device GUID by intercepting iTunes traffic on the device. KeyRaider steals Apple push notification service certificates and private keys, steals and shares App Store purchasing information, and disables local and remote unlocking functionalities on iPhones and iPads.