
Cyber Security Info

Malware stealing Apple account credentials from jailbroken iPhones

April 22, 2014


Reddit users have discovered new malware affecting jailbroken iPhones. The malware consists of a library, unfold.dylib or framework.dylib, that scans the buffer of any SSL connection for the Apple ID username and password and sends them in clear text to servers controlled by the attackers. So far, it is believed that deleting the malicious library and changing the Apple ID password is enough to remove the threat. However, how the malware spreads has yet to be discovered. Some of the code used, as well as the servers used to retrieve the stolen data, suggest that the malware originates in China. The most probable source is therefore Chinese unofficial app markets for jailbroken iPhones.
