Not everyone who owns an iPhone keeps their smartphone the way Apple would want it, and some opt for more control, removing the limits set out by the company. But this can have unfortunate consequences, as Symantec has found.
If you own an iPhone that you have “set free”, so to speak, from the confines put in place by Apple, you’re going to want to hope you haven’t downloaded much or even anything from a third party app store in recent months, and that’s because a new form of malware is actually going around on these.
Discovered by Symantec, makers of the Norton Internet Security and Norton 360 software packages, the piece of malware is called “KeyRaider” and appears in repackaged apps that jailbroken iPhones have access to.
When an app with this malware is downloaded, the security exploit goes to work injecting itself into the processes that an iPhone uses to talk to the Apple App Store, as well as push notifications, looking out for usernames, passwords, and the digital certificate representing the phone.
With this information collected, it is sent to the creators of this nasty piece of malware, and that is where things get bad.
“Once the bad guys have the info, they can then use it buy apps and in-app-purchases and have the victim pay for it,” said Nick Savvides, Security Expert at Symantec.
“Furthermore because the malware has the digital keys for the push notifications, they can send notifications to the device bypassing Apple’s systems completely. This can be used with its other lockout functions to lock the device and demand a ransom.”
That means you might get charged for app or movie purchases, but it could even be worse, with ransomware engaged on your smartphone that has the potential to take over your files in a way similar to the cryptolocker security exploits currently going around.
The good news about this is that it won’t happen to every iPhone on the block, because you need to actually have a jailbroken iPhone to do this, and that’s something most people don’t have.
Right now, however, researchers at Symantec have discovered over 225,000 entries comprising of compromised device information, and while the majority are in China, other countries like Australia have been listed in the results.
If you don’t have a jailbroken iPhone, you’re not at risk, and if you have an iPhone but don’t know what jailbreaking is, you’re also not at risk, so don’t worry.
However it will be worth watching, because while Apple checks over every app that runs through its store, the very fact that a piece of malware does exist on iOS and works could suggest that at one point if something did get through, it could get a little nasty.