An iOS 8 Cydia tweak known as KeyRaider has stolen the Apple ID information from over 200,000 users, which sounds really bad, but here’s what you really need to know about the recent iOS 8 jailbreak attacks.
You may have seen it in the news lately or even heard it from a friend, but the gist is that malware has made its way onto more than 225,000 jailbroken iOS devices, sparking sudden chaos that has led people to believe that jailbreaking is unsafe and that if you are jailbroken, you’re at extreme risk of this new malware.
The hack was discovered by WeipTech and is detailed on the blog of security firm Palo Alto Networks, but many users are misjudging the severity and risk of these jailbreak attacks.
Of course, malware like this is never good, as it can wreak havoc on a lot of things, but what many users have failed to realize is that jailbroken iPhone owners aren’t as much at risk as you might think. In fact, it’s unlikely that any user with common sense and a little bit of knowledge will be affected by the KeyRaider malware.
It turns out that the malware is only available on third-party Cydia repositories, that is, repositories you have to add manually yourself before you can even download the malware in the first place.
More specifically, Weiphone (one of the largest Apple fan websites in China) has a handful of Cydia repositories that registered users can upload their Cydia tweaks to.
So why was this malware downloaded by thousands of users? The short story is that it was disguised, Trojan-horse style, as different tweaks that claimed to offer game cheats, system tune-ups, and removal of advertisements in apps, so it’s easy to see why so many users would want to download tweaks like these.
Most of the affected users are in China, as the malware originated in China and is in Chinese, but there are reports of the malware being installed on iOS devices in France, Russia, Japan, the United Kingdom, the United States, Canada, Germany, Australia, Israel, Italy, Spain, Singapore, and South Korea.
If you think you have been affected, there is a way to find out for sure by installing and running OpenSSH from Cydia; the method is detailed in Palo Alto Networks’ blog post. If you’ve never added a Chinese repository to Cydia in the first place, then you’re good to go.
If you’re currently jailbroken and want to avoid installing the KeyRaider malware, as well as any future malware, it’s always a good idea to only trust reputable jailbreak developers and repositories like BigBoss and ModMyi, both of which are default repositories in Cydia that are home to a ton of great jailbreak tweaks that don’t contain malware.
If your iPhone or iPad isn’t jailbroken yet, but you want to jailbreak it, there’s no need for this to stop you. Again, it’s impossible to get the malware unless you manually add the specific repository in Cydia yourself, and even then you’d still have to download the infected tweaks from that repository.
If you want to jailbreak your device and aren’t on the latest iOS 8.4.1 version, you can jailbreak using TaiG’s jailbreak tool for iOS 8.4.0 and older. However, if you’re running iOS 8.4.1, you’re out of luck and will need to wait for a new jailbreak to release, which might not be until iOS 9 releases later this month, and even then an iOS 9 jailbreak may not arrive for a few months.
The iOS 8.4 jailbreak works on Windows and Mac, and can jailbreak your iPhone, iPad, or iPod Touch running iOS 8.4 and older.