Ever since the first iPhone released 8 years back, it has been surprisingly secure. There have been very few instances of malware and hacks on these devices, especially in comparison to the more open and less secure Android platform. From time to time though, a hack on iPhones comes along which gives millions of users cause to sit up and take notice and wonder if they should be doing more to protect their smartphone and data.
Several in-built security features on Apple iPhones make them relatively harder to crack, but problems arise when people start jailbreaking these devices. ‘Jailbreaking’ is a term used to describe the process of removing hardware restrictions from iPhones thanks to various software exploits. This process not only voids the warranty of an iPhone, but leaves it vulnerable to attackers and other security holes.
What the Latest Hack Does
Such an incident has come to light in the last few hours and apparently this hack has left about 225,000 iPhones around the world vulnerable. Some Chinese iPhone developers and security researchers have discovered that almost a quarter of a million devices are leaking out their Apple iTunes’ passwords to malicious third-party vendors. This malware, called ‘KeyRaider’, only afflicts jailbroken iPhones.
Once the malware has been installed on a vulnerable device, it hides itself within several code packages and then starts tweaking the iPhone’s operating system in different ways. It slowly intercepts login information of the user and sends it out to remote servers. Once they gain access to the iTunes accounts, attackers can also hijack the payment information online and install paid apps on other iOS devices.
As a result this attack is being called “the largest known Apple account theft caused by malware”.
Only Jailbroken iPhones are Vulnerable
However, it has been found that all these 225,000 devices have been jailbroken. This process allowed these users to install apps from outside the Apple App Store. A close examination of the email addresses that were intercepted revealed that a majority of these victims were in fact Chinese.
Should iPhone Users be Worried?
The simple answer is that regular iPhone users should not be worried about the KeyRaider hack. This afflicts jailbroken devices only, so if you have jailbroken your iPhone then you may need to take some precautionary measures. Moreover, jailbroken devices have several other malware threats to worry about as well.
As of now, the KeyRaider malware only steals iTunes account information. But there is a distinct possibility that in the future, this malware can be used to lock iPhones and demand a ransom payment to unlock them. Additionally, it is recommended that people who have jailbroken their iPhones revert back to Apple’s relative secure ecosystem.
It also pays to be aware about several iPhone security tips and avoid actions that leave your iPhone vulnerable to malware threats and hacks.