iOS malware affects jailbroken phones

iPhone users who were looking to free themselves from some of Apple’s restrictions could find their phones infected with malware – and paying a hefty price, according to reports. 

Researchers have found a database containing Apple ID credentials, receipts, certificates, private keys and more for more than 200,000 users who have jailbroken phones.

The information appears to have been stolen using “KeyRaider” malware, and mostly affects users in China. The attackers went after users who attempted to use tweaks that would allow the jailbroken phones to download apps from the official App Store or to make in-app purchases without actually paying for them, according to the researchers who discovered the malware.

Now these accounts themselves have been used to make unauthorized purchases, or in some cases, have been held ransom by hackers.

Check BYOD policies

Obviously, most IT pros don’t have to deal with users who are attempting to skirt device restrictions to make fraudulent purchases. At least, you hope you won’t have to

But this does highlight an important area to address in your BYOD policies. Allowing users to work from jailbroken devices could put your data at risk – even though if they follow established mobile safety policies, it should provide some degree of protection.

Still, it’s better to be safe than sorry. Consider banning any jailbroken devices from your BYOD programs – and while you’re at it, encourage users to always be on the most recent version of their mobile OS to avoid security flaws.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy