And this is why you shouldn’t jailbreak your iPhone. Palo Alto Network and WeipTech have identified 92 samples of a new iOS malware family in the wild.
This malware, dubbed KeyRaider, targets jailbroken iOS devices using the Cydia repository to steal Apple account information. The malware has already stolen at least 225,000 Apple IDs and passwords from jailbroken users across 18 countries.
As Palo Alto Networks explains, “the malware hooks system processes through MobileSubstrate, and steals Apple account usernames, passwords and device GUID by intercepting iTunes traffic on the device.”
“KeyRaider steals Apple push notification service certificates and private keys, steals and shares App Store purchasing information, and disables local and remote unlocking functionalities on iPhones and iPads,” Claud Xiao writes.
After stealing the data, the malware uploads it to its own server.
The good news is that KeyRaider only affects jailbroken iPhone devices.
Jailbreaking can be dangerous
When we talk about malware on mobile, we’re almost always talking about Android. That’s because the nature of the way Android works — and the way third-party apps can be installed — means that users can spread and install malware more easily than they can on other platforms.
The way iOS apps are sandboxed — as well as approval process in the App Store — means that it’s unlikely for malware to spread on standard iOS.
When a user jailbreaks a phone, so that he or she can add apps other than those specifically approved by Apple, the OS can become vulnerable.
KeyRaider was spread through apps inside the Cydia repository, an app store for jailbroken iPhones, that promised to allow users to download paid apps and in-app purchases without actually buying the apps.
This should serve as yet another reminder that jailbreaking — especially if you aren’t paying attention to what tweaks you install — can be dangerous.
Jailbreaking played an important role in early iPhone development; before Apple introduced the first iPhone OS SDK in 2008, it was the only way developers could build full, robust apps for the first iPhone. It’s also true that plenty of the features we now enjoy on iOS, including third-party keyboards, the ability to reply to message notifications in other apps and even app folders all appeared in the jailbreak community first.
But it’s no longer 2007. Or even 2012. As mobile devices become the most prominent platform for computing, more and more bad guys are targeting mobile platforms.
In other words, ailbreaking your iPhone is a good way of increasing the odds that your information could be compromised.
So TL;DR, don’t jailbreak. It’s just not worth it.
Recommend: if you would like to manager your iPhone/iPad/iPod Touch wihout jailbreak, just go here to learn more. Simply download the free version and have a try, it can transfer data between iOS device and PC freely and easily. Manager, create, view, edit and clean up notes, bookmarks, contacts on your iDevice without jailbreak.