KeyRaider malware steals Apple IDs from jailbroken iPhones
“KeyRaider has successfully stolen over 225,000 valid Apple accounts and thousands of certificates, private keys, and purchasing receipts,” PAN's report said. “The malware uploads stolen data to its command and control (C2) server, which itself contains vulnerabilities that expose user information.”
Once hackers have victim's Apple IDs, they can make purchases on those accounts and some people say their iPhones have been locked and until they pay a ransom.
For most iPhone users, this is little more than a cautionary tale about the importance of staying inside the walled garden of Apple's App Store. The victims used a process called jailbreaking to hack their iPhones so they could install apps that aren't available through the App Store.
While many apps available to jailbreakers are safe, there isn't any vetting process to make sure malware doesn't find its way onto your iPhone or iPad. In this case, most of the jailbreakers hit by KeyRaider are in China and loaded unauthorized apps through the Cedia service.
The easy way to avoid KeyRaider and other iOS-targeted malware is to stay away from the jailbreak scene. Don't hack your iPhone, and don't try to install apps outside of Apple's App Store.