PALO ALTO, Calif., Sept. 1 (UPI) — Security company Palo Alto Networks (PANW) has discovered that hackers stole information from more than 225,000 Apple accounts of users of jailbroken iPhones.
Upon discovering it, the company called the attack “the largest known Apple account theft caused by malware.” It found the hack along with Chinese tech group WeipTech.
This hack is made possible by software called KeyRaider, which is mostly found on Chinese websites and in apps that provide downloadable software for jailbroken iPhones. Jailbreaking an iPhone allows a user to modify system files and customize the functionality of the phone beyond the developer’s original options, such as locking the screen through gestures instead of pressing the lock button and circumventing paywalls on apps like Spotify and Pandora.
The malware KeyRaider has spread beyond China to 18 countries, including the United States. Once a phone is infected with the software, it will relinquish all of the user’s iTunes App Store information, including their username, password and the device’s unique ID. It also hijacks information about previous purchases and prevents users from countering the hack.
The hackers then use the stolen account information to let others download another piece of software, which provides paid iOS apps for free. So far, 20,000 people have used this service.
The server where the stolen information was housed was not secure, allowing researchers to gain access to the data before they were disconnected.
News of the hack was posted to PANW’s website on Sunday.
Some users report seeing a ransom notice on their iPhone, while others say their purchase history shows apps they never bought.