Malware Infecting Jailbroken iPhones Stole 225,000 Apple Account Logins ⇥ arstechnica.com

Dan Goodin, Ars Technica:

KeyRaider, as the malware family has been dubbed, is distributed through a third-party repository of Cydia, which markets itself as an alternative to Apple’s official App Store. Malicious code surreptitiously included with Cydia apps is creating problems for people in China and at least 17 other countries, including France, Russia, Japan, and the UK. Not only has it pilfered account data for 225,941 Apple accounts, it has also disabled some infected phones until users pay a ransom, and it has made unauthorized charges against some victims’ accounts.

Jailbreaking your iOS device these days seems like an open invitation for malware. It’s hard to pin the blame on users, though, when most popular jailbreaking software doesn’t fully advise users of the risks involved, or what jailbreaking actually does: exploit security holes to disable internal protections.