New jailbroken iOS device malware found in Weiphone Cydia repository
MacNN Staff
Join Date: Jul 2012
Aug 31, 2015, 10:28 AM
Malware for iOS requiring a jailbroken handset and access to Chinese software repositories has been identified. Recent research has discovered 92 samples of a new family of malware called "KeyRaider," which has resulted in the theft of 225,000 valid Apple account login credentials and associated device GUIDs.

The malware monitors the MobileSubstrate, and hooks into itunesstored's SSLRead and SSLWrite functions following installation through an afflicted software package. Push notifications, App Store purchasing information, certificates, and private keys are then purloined by the malware. The information is uploaded at regular intervals to the command and control server for collection and re-use.

Researchers at Palo Alto Networks believe that the exploit allowing for illicit use of the purchase information database has been downloaded 20,000 times. Victims are reporting app purchases, as well as phones remotely locked by miscreants through modification of lockdown and activation routines.

Weiphone user Mischa07 has been fingered as the likely author. Most of the tweaks made available by the user are cheats for games and advertising-removal tools. The user is also the originator of "iappstore" and "iappinbuy," allowing users to download paid apps and in-app purchases, respectively.

Palo Alto Networks claims that "it appears this threat may have impacted users from 18 countries including China, France, Russia, Japan, United Kingdom, United States, Canada, Germany, Australia, Israel, Italy, Spain, Singapore, and South Korea." There is no way to contract this malware without having a jailbroken device and access to the Weiphone Cydia repository containing the malware-laden software.
Professional Poster
Join Date: Jan 2000
Location: Columbus, OH
Sep 1, 2015, 12:09 PM
Ain't jailbreaking fun?