The Washington Post: Democracy Dies in Darkness

New iOS malware should make you think twice about jailbreaking your iPhone


Information about the Apple accounts of more than 200,000 iPhone users who "jailbroke" their phones has been stolen by cybercriminals who could use the data to lock the phones and hold them for ransom, according to Palo Alto Networks, a cybersecurity research firm.

The malware behind the digital theft, dubbed "KeyRaider," has "successfully stolen over 225,000 valid Apple accounts and thousands of certificates, private keys, and purchasing receipts," Palo Alto researchers said in a blog post. The stolen data appears to have been downloaded to an insecure server where hackers can easily gain access to it, the researchers said.

"We believe this to be the largest known Apple account theft caused by malware," the blog post said.

Apple did not immediately respond to a request for comment.

The problem appears to be isolated to phones that were altered to bypass Apple's attempts to keep users safe.

Apple keeps tight control over what apps are allowed on iPhones, running basic security tests before allowing them to be downloaded. But some iPhone users have bristled at such restrictions, and to escape them, some people "jailbreak" their phones -- taking steps to get around restrictions built into the devices so they can install things not available in the official App Store.

That's legal at the moment thanks to the Librarian of Congress, which approved an exception to the Digital Millennium Copyright Act, allowing consumers to jailbreak their smartphones. But Apple discourages the practice. And this incident is a good example of why: Jailbreaking a phone can lead to new security risks.

U.S. consumers probably don't have to worry about this specific malware right now: KeyRaider seems to have only been spread through a Chinese app repository used by jailbreakers. More than half of the Apple IDs in the stolen cache were associated with e-mail accounts from a popular Chinese service, according to Palo Alto. Jailbreaking is particularly common in China, where whole industries have taken root profiting from it.

But there are some indications that Apple users in the United States, Britain and a slew of other countries may have also been affected, the researchers noted. And the whole situation is another reason everyday consumers may want to be wary before stepping outside of Apple's walled app garden.

