KeyRaider
KeyRaider is malware that steals Apple account credentials and other data from jailbroken iOS devices. It also has ransomware functionality. [1]
ID: S0288
Type: MALWARE
Platforms: iOS
Version: 1.1
Created: 25 October 2017
Last Modified: 11 December 2018
Techniques Used
Domain | ID | Name | Use |
---|---|---|---|
Mobile | T1446 | Device Lockout | KeyRaider has built-in functionality to lock victims out of devices and hold them for ransom.[1] |
Mobile | T1410 | Network Traffic Capture or Redirection | Most KeyRaider samples hook the SSLRead and SSLWrite functions in the itunesstored process to intercept device communication with the Apple App Store.[1] |
Mobile | T1426 | System Information Discovery | Most KeyRaider samples search the data being transferred for the Apple account's username and password and the device's GUID.[1] |
References