“Biggest iPhone hack ever” attacks jailbroken phones
In what has been called the biggest iPhone hack ever, 250,000 Apple accounts were hijacked. That’s the bad news.
The good news is that most Apple device users are safe. Why? Because the malware dubbed KeyRaider by researchers at Palo Alto Networks, only infects “jailbroken” iOS devices. (there’s that bad news again)
When you jailbreak a device like an iPhone or iPad, it unlocks the device so you can do more with it like customize the look and ringtones, install apps the Apple normally would not allow, and even switch carriers!
The KeyRaider malware entered the jailbroken iPhones and iPads via Cydia, a compatible but unauthorized app store, which allows people to download apps that didn’t meet Apple’s content guidelines onto their devices. The malware intercepts iTunes traffic on the device to steal data like Apple passwords, usernames, and device GUID (“Globally Unique Identifier” which is your ID number similar to your car’s VIN). Users reported that hackers used their stolen Apple accounts to download applications from the official App Store and make in-app purchases without paying. At least one incident of ransomware was reported.
Chinese iPhone users with jailbroken phones where the primary attack target, but researchers also found incidents in 17 other countries including the United States, France, and Russia.
It’s a common belief (and myth) that Apple products are invincible against malware. This false line of thinking has recently again been refuted, as iPhone and iPad users have been encountering a ransomware threat that freezes their Internet browsers, rendering their devices unusable. The ploy, commonly known as iScam, urges victims to call a number and pay $80 as a ransom to fix their device. When users visit an infected page while browsing using the Safari application, a message is displayed saying that the device’s iOS has crashed “due to a third party application” in their phone. The users are then directed to contact customer support to fix the issue.
How to clean your system if you’ve been infected by iScam
- Turn on Anti-phishing. This can be done by visiting Settings > Safari and turn on ‘Fraudulent Website Warning’. When turned on, Safari’s Anti-phishing feature will notify you if you visit a suspected phishing site.
- Block cookies. For iOS 8 users, tap Settings > Safari > Block Cookies and choose Always Allow, Allow from websites I visit, Allow from Current Websites Only, or Always Block. In iOS 7 or earlier, choose Never, From third parties and advertisers, or Always.
- Clear your history and cookies from Safari. In iOS 8, tap Settings > Safari > Clear History and Website Data. In iOS 7 or earlier, tap Clear History and tap Clear Cookies and Data. To clear other stored information from Safari, tap Settings > Safari > Advanced > Website Data > Remove All Website Data.
Check out Apple’s support forum for additional tips on how to keep your device safe while using Safari.
Do you use your mobile device to check email, use social networks or log in to your bank account while sipping a double mocha latte at your favorite coffee shop or while waiting for your next flight? That’s risky considering you cannot count on public Wi-Fi hotspots that you find in cafes, coffee shops, airports, schools, and hotels to be secure. Remote cybercrooks, and even the guy sitting a couple of tables from you sipping coffee, can use software to eavesdrop and snoop which could result in stolen credit card information and passwords or full-blown identify theft.
With new avast! SecureLine for iOS you can secure your wireless internet connection when using your iPad, iPhone, or iPod on a Public/Open Wi-Fi network. Here’s how it works:
VPN stands for Virtual Private Network. avast! SecureLine VPN creates a private ‘tunnel’ through the internet for your data to travel through, and everything inbound and outbound through the tunnel is encrypted. Data is decoded at the VPN server, using advanced encryption protocols. Handy features also detect and filter malicious URLs, block ads in the browser and apps, or can compress your transferred data which saves your mobile data plan and enables access to US-only content.