Jailbreaking an iOS device gives the user a lot of freedom and there’s no denying that, but it also comes with some inherent risks that have to be taken into consideration very carefully. Apple are generally against the procedure and keep advising their users to avoid doing it, going as far as to disable the loopholes that people exploit to get to the operating system’s core. However, as we know very well, if a user wants to do something, they will, no matter how much Apple might try to stop them.
And now, we’ve been getting reports of a major incident related to the jailbreak scene that has resulted in the spreading of malware across users trying to jailbreak their devices, with the virus stealing their data and abusing payment information to make purchases on behalf of those affected.
The situation is actually quite bad according to reports, as some 225,000 IDs of Apple users have already been compromised and hackers have been having a field day with the information, making purchases and in some cases even attempting to extort users who want to get their accounts back.
The tool in question is called KeyRaider, and it’s quickly been spreading all over the world, after the attack originated in China according to security experts. It was initially isolated to that region but currently KeyRaider has been spreading to devices in various Western countries, having reached the United States and United Kingdom successfully. Users who are active in the jailbreak scene have been quite panicked with the whole situation.
And they probably have a right to be, because there is a lot of uncertainty about the whole incident right now. It’s not clear how easy it is for attackers to target iOS users with the tool, nor how well someone could defend themselves in case they were compromised. The safest bet right now is also the most obvious one – staying away from jailbreaking as a whole.
But of course, it should go without saying that this is not an ideal option for many users, as a large part of those who’ve been at risk from the incident have continued to use jailbroken software on their devices. It’s strange to see the whole thing unfold because it reveals that many users simply don’t care about their security as much as they probably should.
Apple have been mostly quiet on the situation, and they probably don’t have much to add anyway – the company has always had the stance that jailbreaking is something that they don’t support and users who choose to do it despite the warnings are taking their own risk.
They have also been actively working to plug the various holes in the operating system used by jailbreaking teams, and while many members of the community have slammed Apple for doing that, the need for such actions becomes quite clear when we look at incidents like the current one, especially in the context of the privacy of Internet users, a topic that has been quite hot lately.
It should be noted that there were some vulnerabilities discovered in iOS recently, related to purchasing apps from the iTunes store – according to researchers, it was apparently possible for users to skip the verification procedure and obtain paid apps for free through the use of an exploit. Some have been claiming that this is related to the current KeyRaider hack, although the exact connection is not yet clear.