Over a quarter of a million Apple devices have reportedly been compromised in what is the largest attack on the iOS software. Only jailbroken handsets are at risk, as the malware used in this attack is downloaded through the wildly popular “Cydia” app – the jailbroken App Store.
While most users will not be affected by this attack, those that are will have had their sensitive information easily obtained by the hackers. KeyRaider (the name given to the malware) steals push notification services and private keys, as well as stealing and sharing App Store purchase information meaning that users may find large, unknown charges to their account for apps they did not purchase. Even more scary, however, is the malware’s ability to disable both local and remote unlocking functions on iPhones and iPads, effectively rendering your expensive device a brick.
In addition to disabling the device, attackers can use the notification service to send a “ransom note” without going through Apple’s push server. The device will not respond to any passcode, whether correct or not, and previously used recovery methods are ineffective against the attack.
The attack has reportedly affected 250,000 devices in 18 countries, although most of the victims are in China. Un-jailbroken devices still have arguably the strongest mobile security of all operating systems, and can only be compromised in situations in which the attackers have physical access to the device. This should be a reminder to all iPhone users that it may be fun to play around with a few neat settings and bootleg a few pricey apps, but it probably isn’t worth the compromised security.