According to security specialists Palo Alto Networks, over 225,000 Apple customers have been affected by the "KeyRaider" iOS malware that not only steals your Apple account information, but can remotely lock your phone and hold it for ransom.
The malware only targeted individuals that had circumvented Apple's built-in security features, also known as jailbroken phones. So, if you haven't modified your phone by jailbreaking it — you're safe (so far).
The KeyRaider malware doesn't limit itself to only stealing Apple account user names, passwords and device GUIDs (device IDs),it also steals certificates and private keys used by Apple Push Notification Service and it prevents the infected iPhone or iPad from being unlocked either by passcode or the iCloud service — the ability to remotely lock the phone has lead to ransoms.
Currently the KeyRaider malware is mostly in China, with some stolen credentials from from the United States, Canada, France, Russia, Japan, United Kingdom, Germany, Australia, Israel, Italy, Spain, Singapore, and South Korea.
[via TechCrunch]
