SOFTWARE
Arp
at
cmd
Dok
FTP
Net
Orz
Reg
RTM
Tor
yty
SOFTWARE
1-9
A-B
Arp
at
C-D
cmd
Dok
E-F
FTP
G-H
I-J
K-L
M-N
Net
O-P
Orz
Q-R
Reg
RTM
S-T
Tor
U-V
W-X
Y-Z
yty
  1. Home
  2. Software
  3. KeyRaider

KeyRaider

KeyRaider is malware that steals Apple account credentials and other data from jailbroken iOS devices. It also has ransomware functionality. [1]

ID: S0288
Type: MALWARE
Platforms: iOS
Version: 1.1
Mobile Layer
download view

Techniques Used

Domain ID Name Use
Mobile T1446 Device Lockout

KeyRaider has built-in functionality to lock victims out of devices and hold them for ransom.[1]
Mobile T1410 Network Traffic Capture or Redirection

Most KeyRaider samples hook SSLRead and SSLWrite functions in the itunesstored process to intercept device communication with the Apple App Store.[1]
Mobile T1426 System Information Discovery

Most KeyRaider samples search to find the Apple account's username, password and device's GUID in data being transferred.[1]

References

  1. Claud Xiao. (2015, August 30). KeyRaider: iOS Malware Steals Over 225,000 Apple Accounts to Create Free App Utopia. Retrieved December 12, 2016.