Tuesday, September 1, 2015

Apple's Biggest Hack Ever


Over 225,000 valid Apple accounts and thousands of certificates, private keys, and purchasing receipts were stolen from jailbroken iOS devices. The malware, KeyRaider, was distributed through third-party Cydia repositories in China and appears to have affected users in 18 countries, including China, France, Russia, Japan, the United Kingdom, the United States, Canada, Germany, Australia, Israel, Italy, Spain, Singapore, and South Korea.

The malware steals Apple account usernames, passwords, and the device GUID by intercepting iTunes traffic on the device, and it disables local and remote unlocking functionality on iPhones and iPads. It then uploads the stolen data to its command and control (C2) server, which itself was found to contain vulnerabilities that expose the stolen user information to other attackers.

According to Palo Alto Networks, the purpose of the attack was to let users of two iOS jailbreak tweaks download applications from the official App Store and make in-app purchases without actually paying. Jailbreaking is the process of removing hardware restrictions on iOS, Apple's operating system, on devices running it through the use of software exploits; such devices include the iPhone, iPod touch, iPad, and second-generation Apple TV. Jailbreaking permits root access to the iOS file system and manager, allowing the download of additional applications, extensions, and themes that are unavailable through the official Apple App Store. (Wikipedia)