KeyRaider malware affects only jailbroken devices. Who needs to worry?

Vitus White
Last updated: 13 October

While iOS is renowned for being innately secure, headlines over the past three days have challenged that. The noise was brought on by a ‘terrible’ KeyRaider hack, which compromised more than 225,000 iPhone accounts. Boo!

The truth is that the vast majority of iPhone and iPad users (almost all of them, actually) don’t have to worry about this malware. KeyRaider affects only jailbroken devices: it cannot break into an iPhone unless its owner has jailbroken it first. Owners of ‘legal’ Apple devices can take a breather.

When it comes to Apple devices, you can either accept the limits imposed by the manufacturer or jailbreak your device for greater customization and access to new features. Risk comes hand in hand with the freedom you’ve just acquired, because you are giving malware the same access.

So don’t jailbreak your iPhone or iPad, or you may end up dealing with malware that has already infected devices in 18 countries, including China, France, Russia, Japan, United Kingdom, United States, Canada, Germany, Australia, Israel, Italy, Spain, Singapore, and South Korea. The majority of the victims are from China.

If you still want to jailbreak your device, it does not necessarily mean that you’ll be infected. To catch the malware you have to install an app from a third-party Cydia repository. After that your device will be ‘upgraded’ with free malware that can steal usernames, passwords and unique device identifiers and send them to a remote server run by malicious hackers.

KeyRaider #Malware Steals Certs, Keys & Account Data From Jailbroken #iPhones: http://t.co/RKlDhcJc1m via @threatpost pic.twitter.com/IZ90PMfRXx

— Kaspersky Lab (@kaspersky) August 31, 2015

KeyRaider can also lock your Apple device and demand a ransom for giving you back access to your files. It’s very nasty malware, to put it shortly.

In July 2015, WeipTech experts started looking into complaints from iPhone and iPad users about unauthorized purchases and about finding iOS apps they had not installed. The researchers managed to track the criminals and break into a server that belonged to the hackers. They gathered data and even reverse-engineered the jailbreak tweak to find out how it worked.

WeipTech experts called it the biggest theft ever involving Apple accounts. Even if the malware affects only jailbroken devices, it’s really critical for victims. About a quarter of a million users have already fallen victim.

If you think you might be one of them, check this website created by the WeipTech company. It’s in Chinese, but you can use Google Translate.

Researchers at WeipTech also suggest an alternative method. The manual is rather hardcore, but a geek who can jailbreak an iOS device will surely cope with it. Well, you can:

  • Install the OpenSSH server through Cydia
  • Connect to the device through SSH
  • Go to /Library/MobileSubstrate/DynamicLibraries/ and grep all files under this directory for these strings: wushidou, gotoip4, bamu, getHanzi

If you find any of these strings in any file in the directory, you should delete the file and delete the plist file with the same filename. Then reboot the device. After that it’s strongly recommended to change your Apple account password and enable two-factor verification for your Apple ID.
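The manual check above can be scripted. This is an added example, not code from WeipTech or the original article: the function name `scan_tweaks` and the demo files are assumptions made for illustration, and the script only reports files, leaving deletion to you.

```shell
#!/bin/sh
# Added example: report MobileSubstrate tweaks that contain any of the
# KeyRaider strings named in the article, plus their same-named plists.
# scan_tweaks and the demo files below are illustrative, not WeipTech's.

TWEAK_DIR=/Library/MobileSubstrate/DynamicLibraries

# scan_tweaks [DIR]
# Prints each matching file and the plist sharing its base name.
# Prints nothing when the directory is clean; returns 2 if DIR is missing.
scan_tweaks() {
    dir=${1:-$TWEAK_DIR}
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        # -F: literal strings, -q: exit status only (works on binary dylibs)
        if grep -qF -e wushidou -e gotoip4 -e bamu -e getHanzi "$f"; then
            echo "$f"
            plist="${f%.*}.plist"
            if [ -f "$plist" ]; then echo "$plist"; fi
        fi
    done | sort -u   # a plist can be both a hit and a companion file
}

# Constructed demo data (not real malware): one tweak carrying a marker
# string inside binary content, its plist, and one clean tweak.
demo_dir=$(mktemp -d)
printf 'bin\000data gotoip4 more' > "$demo_dir/evil.dylib"
printf '<plist/>' > "$demo_dir/evil.plist"
printf 'harmless' > "$demo_dir/clean.dylib"
printf '<plist/>' > "$demo_dir/clean.plist"

echo "Files to review:"
scan_tweaks "$demo_dir"
rm -rf "$demo_dir"
```

On the device itself, call `scan_tweaks` with no argument to scan the default directory. Short strings such as `bamu` can appear in unrelated files, so look at each reported file before deleting it.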


Source: kaspersky.com

TAGGED: Apple, Malware, Stack overflow, Threats
Vitus White October 13, 2022 October 7, 2022