Jailbreak Attack Claims More Than 225,000 Apple Logins

Discussion in 'Android News' started by DroidModderX, Aug 31, 2015.

  1. DroidModderX

    DroidModderX Super Moderator
    Staff Member Premium Member

    Joined:
    Oct 6, 2011
    Messages:
    5,506
    Likes Received:
    2,070
    Trophy Points:
    478
    Ratings:
    +2,189
    [​IMG]

    Alright Apple fan boys its your turn now. Apple fans were laughing hard at the stagefright vulnerability a few weeks ago. Now it seems that over 225,000 Apple Logins have been compromised. It can be argued that this attack is more severe since the apple logins were actually taken. Virtually no one was ever affected by the stagefright vulnerability.

    The only real difference here is that the Stagefright vuln existed on rooted and non rooted phones alike. This Jailbreak attack only affects those users that decided to jailbreak their phones outside of Apple's guidance. Apple login credentials were stolen via malware distributed through Cydia. The malware referred to as "Keyraider" was being distributed only in Weiphone's Cydia repositories. Types of data that were compromised include login credentials, purchasing receipts, device ID's and other data. Data was transmitted without the users knowledge.

    Via Thenextweb
     
    • Like Like x 1
  2. pc747

    pc747 Administrator
    Staff Member Rescue Squad

    Joined:
    Dec 23, 2009
    Messages:
    24,173
    Likes Received:
    5,240
    Trophy Points:
    1,123
    Ratings:
    +5,823
    Maybe I am being paranoid but part of me feel like this was an Apple insider looking to go after jailbreakers.

    Either way since Apple took a strong stance against jailbreaking from the beginning they hold no liability and do not have to worry about patching anything.

    It sucks that people do these things but the reality is that cellphone are the new target point for no-gooders.
     
  3. Efin

    Efin Diamond Member

    Joined:
    Apr 19, 2014
    Messages:
    5,714
    Likes Received:
    3,415
    Trophy Points:
    1,563
    Ratings:
    +3,652
    They'd make good target practice though... (the bad guys...)

    Good thing I've never considered Jailbreakin my iPhone..., I mean my wife's iPhone ;)
     
    • Like Like x 2
    • Funny Funny x 1
  4. Jonny Kansas

    Jonny Kansas Administrator
    Staff Member Rescue Squad

    Joined:
    Jan 21, 2010
    Messages:
    16,459
    Likes Received:
    7,038
    Trophy Points:
    1,278
    Location:
    Michigan's Upper Peninsula
    Ratings:
    +8,379
    Current Phone Model:
    Pixel XL
    Twitter:
    jonny_ks
    These are the risks you run when you play with unauthorized/unapproved software. I'd be mad if rooting a device lead to my info being stolen, but at the same time, when you open yourself wide up to the potential for malware, you've really only got yourself to blame. These repositories for jailbreak apps that aren't vetted by Apple first are the perfect place to launch an attack like this. Not that malware can't get into official app stores, but there's definitely a higher risk when it comes to stuff like this.
     
    • Agree Agree x 1
  5. Ollie

    Ollie Droid Does

    Joined:
    Apr 13, 2012
    Messages:
    3,442
    Likes Received:
    2,103
    Trophy Points:
    1,468
    Location:
    South Coast
    Ratings:
    +2,483
    Current Phone Model:
    Note Edge - iPhone 6 Plus
    This is probably the largest Chinese repository for Cydia. I don't think Apple would do such a thing. All Apple has to do is wait for the jailbreak exploit to be released to the masses and then plug it in their next OS release. Those happen so frequently that a jailbreak doesn't stay out in the wild for too long.
     
  6. kodiak799

    kodiak799 Gold Member

    Joined:
    Feb 20, 2010
    Messages:
    5,954
    Likes Received:
    750
    Trophy Points:
    258
    Ratings:
    +914
    I accept and can manage that risk (just one reason why I do nothing sensitive on my phone). Unfortunately, this just "validates" Google and carrier positions to block root.
     
    • Agree Agree x 3
  7. MissionImprobable

    MissionImprobable Silver Member

    Joined:
    Sep 5, 2011
    Messages:
    2,040
    Likes Received:
    142
    Trophy Points:
    128
    Ratings:
    +169
    Malware can end up on your PC simply by visiting certain sites; does that in itself 'validate' VZ's and some net provider's claims that they should be able to control where users go on the web? I know that your use of quotes implies just how shoddy their argument is, but I still find it sad that they even try and use that as a line of reasoning.