Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
10.3K views | +0 today
Follow
Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
Everything related to the (in)security of Apple products
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

Over 225,000 Apple ID Credentials Stolen From Jailbroken iOS Devices

Over 225,000 Apple ID Credentials Stolen From Jailbroken iOS Devices | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

Cybercriminals have reportedly stolen over 225,000 Apple ID account credentials from jailbroken iOS devices, using a type of malware called, “Keyraider”.  The criminals have been using the stolen credentials to make in-app purchases with user accounts. Keyraider poses as a downloadable app, but once it’s on the user’s phone, it steals the user’s account login credentials, device GUID (globally unique identifier), Apple push notification service certificates and private keys, and iTunes purchase receipts. These attacks happened mainly in China, but jailbreaking is not exclusive to China. Jailbreaking is practiced by iOS users all over the world.

Jailbreaking your device is a security risk!

This news is a timely reminder about the downside to jailbreaking your Apple iOS device. It sounds like a great idea, in theory, but what many often overlook is that while jailbreaking allows Apple users to bypass many iOS operating system restrictions they might consider burdensome, for example being only able to download apps from the Apple iOS App Store, it also means that cybercriminals have much more freedom to attack the device. 

One of the biggest reasons that jailbreaking puts your phone or tablet at risk is that it disables the “sandboxing” feature native in all Apple devices. Sandboxing keeps third party apps out of your operating system, and only allows those apps certain permissions to your information (which these apps “ask” for through pop-ups to be approved by the device user). Because these apps need your explicit permission to look through your photos, access your location, or look up your contacts, it’s highly unlikely that malicious code can get through to do damage or steal your information. Once you remove the sandbox, any app can access all of your private information, including malicious apps posing as legitimate apps.

Gust MEES's insight:

Cybercriminals have reportedly stolen over 225,000 Apple ID account credentials from jailbroken iOS devices, using a type of malware called, “Keyraider”.  The criminals have been using the stolen credentials to make in-app purchases with user accounts. Keyraider poses as a downloadable app, but once it’s on the user’s phone, it steals the user’s account login credentials, device GUID (globally unique identifier), Apple push notification service certificates and private keys, and iTunes purchase receipts. These attacks happened mainly in China, but jailbreaking is not exclusive to China. Jailbreaking is practiced by iOS users all over the world.


Jailbreaking your device is a security risk!


This news is a timely reminder about the downside to jailbreaking your Apple iOS device. It sounds like a great idea, in theory, but what many often overlook is that while jailbreaking allows Apple users to bypass many iOS operating system restrictions they might consider burdensome, for example being only able to download apps from the Apple iOS App Store, it also means that cybercriminals have much more freedom to attack the device. 

One of the biggest reasons that jailbreaking puts your phone or tablet at risk is that it disables the “sandboxing” feature native in all Apple devices. Sandboxing keeps third party apps out of your operating system, and only allows those apps certain permissions to your information (which these apps “ask” for through pop-ups to be approved by the device user). Because these apps need your explicit permission to look through your photos, access your location, or look up your contacts, it’s highly unlikely that malicious code can get through to do damage or steal your information. Once you remove the sandbox, any app can access all of your private information, including malicious apps posing as legitimate apps.

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac's are NOT a safer alternative to PC's! Rising number of unique threats for OS X in 2012

Mac's are NOT a safer alternative to PC's! Rising number of unique threats  for OS X in 2012 | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

 

Read the complete Report from SYMANTEC here [PDF]:

 

https://www.symantec.com/content/en/us/enterprise/other_resources/b-istr_main_report_v18_2012_21291018.en-us.pdf

 

Check also:

 

https://gustmees.wordpress.com/2012/11/29/cyber-hygiene-ict-hygiene-for-population-education-and-business/

 

https://gustmees.wordpress.com/2012/07/11/cyberhygiene-hygiene-for-ict-in-education-and-business/

 

 

Check also other infographics here:

 

http://www.scoop.it/t/securite-pc-et-internet?tag=Infographic

 

http://www.scoop.it/t/21st-century-learning-and-teaching?tag=Infographic

 

Gust MEES's insight:

 

Read the complete Report from SYMANTEC here [PDF]:

 

https://www.symantec.com/content/en/us/enterprise/other_resources/b-istr_main_report_v18_2012_21291018.en-us.pdf

 

Check also:

 

https://gustmees.wordpress.com/2012/11/29/cyber-hygiene-ict-hygiene-for-population-education-and-business/

 

https://gustmees.wordpress.com/2012/07/11/cyberhygiene-hygiene-for-ict-in-education-and-business/

 

 

Check also other infographics here:

 

http://www.scoop.it/t/securite-pc-et-internet?tag=Infographic

 

http://www.scoop.it/t/21st-century-learning-and-teaching?tag=Infographic

 

more...
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

7 Cybersecurity Myths Busted [Infographic]

7 Cybersecurity Myths Busted [Infographic] | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Gust MEES's insight:

 

Learn more:

 

https://gustmees.wordpress.com/2012/11/29/cyber-hygiene-ict-hygiene-for-population-education-and-business/

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

https://gustmees.wordpress.com/2013/06/23/ict-awareness-what-you-should-know/

 

 

 

more...
Scooped by Gust MEES
Scoop.it!

Flashback Malware Robs Google of $10,000/Day in Ad Revenue

Flashback Malware Robs Google of $10,000/Day in Ad Revenue | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Flashback Malware Robs Google of $10,000/Day in Ad Revenue

 

The authors of MacOS malware 'Flashback' are reaping an estimated $10,000 a day by through an additional component, Symantec reports.

 

Read more...

 

more...
No comment yet.