Apple fans beware: if you have “jailbroken” your iPhone, you're at extremely high risk of hackers hijacking your Apple account. According to security researchers at Palo Alto Networks, it's already happened to almost a quarter-million accounts.
In tech terms, “jailbreaking” an iDevice refers to the practice of removing various pre-installed restrictions that limit the device to official, manufacturer-approved apps or programs. An ordinary off-the-shelf iPhone will only accept apps from Apple's official App Store. However, if you have the will and the know-how, you can get around these restrictions and load your device with unapproved third-party apps, themes and extensions – in other words, you can “break” free of the restricted, Apple-approved “jail.”
KeyRaider malware infection
So, from an iPhone owner's perspective, the upside of jailbreaking your phone is that (obviously) you have the freedom to install any compatible app, rather than being limited to the narrower selection pre-approved by Apple. The potential downside is that such unapproved third-party apps are far more likely to harbor dangerous forms of malware.
And that's exactly what happened. On Aug. 30, Palo Alto Networks announced its discovery of Apple-attacking malware it dubbed “KeyRaider,” which has infected at least 225,000 accounts on jailbroken devices in 18 different countries, including Canada, the U.S., and China (which is where the KeyRaider hackers actually operate).
Hackers can use KeyRaider to steal and share victims' account information, and use those accounts to buy apps for the hackers. In some cases, KeyRaider also gives hackers the ability to plant ransomware on victims' phones; Palo Alto says that “Some victims have reported that their stolen Apple accounts show abnormal app purchasing history and others state that their phones have been held for ransom.”
Palo Alto discovered KeyRaider in conjunction with a Chinese cyber-security company called WeipTech. KeyRaider is found primarily in Chinese-language apps and on Chinese-language websites; indeed, Palo Alto said that “KeyRaider, as far as we know, only spreads through Weiphone's Cydia repositories for jailbroken iOS devices.” (Weiphone is an iPhone community for Chinese-language users, and Cydia is an app that lets the owners of jailbroken iOS devices find and install additional apps.)
If your iPhone or other iDevice has never been jailbroken, you need not worry about KeyRaider. However, if your device has been jailbroken – and especially if you visit any Chinese-language sites or use third-party Chinese apps with your jailbroken device – then Palo Alto has posted step-by-step instructions you can use to determine whether your account has been hacked, and what you can do to protect yourself.