Hackers Swipe 225,000 Jailbroken iPhone Users’ Account Information

Cats are notorious for not heeding warnings about potential dangers of jailbreaking iPhones. (J)

Cats are notorious for not heeding warnings about potential dangers of jailbreaking iPhones. (Sigma.DP2.Kiss.X3)

Jailbreaking your Apple device, or using illicitly obtained software to customize it in ways that Apple never intended and install unauthorized apps, is something that most users thought was against the rules but innocent, even if it does void your Apple warranty. Now Apple is facing a good news/bad news situation: a hack involving jailbroken iPhones validates their policies, but also means that the phrase “iPhone hack” is all over the news.

Palo Alto Networks, a cybersecurity company, warned the public about a piece of malware that only affects modified iPhones, which they’re calling KeyRaider. The malware spread through downloads on the alternate underground app store, Cydia. The hackers are based in China, and most affected users are from there, but not all.

The malware hijacks the user’s iTunes credentials, using them to make unauthorized purchases. About 225,000 users had their passwords stolen, and about 20,000 people have purchased and used the stolen accounts.

Originally, iPhones had to be jailbroken to be used on carriers other than AT&T, or internationally. Now, all carriers in the U.S. offer the mega-popular device, but jailbreaking still allows users to run apps rejected from Apple’s store for various reasons, and modify their phones in other ways.

While bypassing Apple’s security has dangers, experts point out that there are anti-malware programs that you can run on your phone once you’ve busted through the metaphorical wall of Apple’s walled garden.

After a quarter million iPhones hacked, a reminder ‘jailbreaking’ devices still not safe [CNET]

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.