About 225,000 iPhone and iPad users have been victimized by hackers through a malware known as KeyRaider.
According to security experts who uncovered the cyber attack, those who were targeted were running jailbreak versions of Apple's iOS operating system, CNN Money reported.
Security firm Palo Alto Network noted that the incident is the largest account theft case to hit users of the Cupertino-based tech giant's platform. Some of the victims' account details for iTunes, App Store and Apple ID got stolen while others' devices were locked out by hackers and are being held for ransom.
Some of the account information, however, were shared to the public by the hackers. Other people were then able to purchase apps from Apple's iTunes using the stolen information. According to reports, around 20,000 people have already benefited from illegally using other users' accounts.
Originally, the KeyRaider malware targeted Apple users in China, the country where most iOS jailbreak developers operate. However, due to the growing number of people using jailbroken software, the malware has spread to 18 other countries including the U.S.
According to Tech Insider, despite the included risks, many users still prefer to use jailbreak versions of Apple's platform. Through these, they are able to make various modifications to their devices' firmware and download apps that are not available in Apple's App Store.
The trade-off, however, is that developers need to bypass Apple's security firmware to jailbreak iOS. Without this firmware, users are left susceptible to cyber attacks of hackers, which is exactly what happened through the KeyRaider malware.
According to Palo Alto Network and other Chinese tech groups that discovered the hack, the malware was spread through Cydia, a site that offers apps for jailbroken devices. Based on the malware's code, the security researchers suspect that user mischa07 was involved in the development of KeyRaider.
Apple has not yet issued an official statement regarding the incident but for years now, the company has been lobbying against the use of jailbroken software. In fact, with new versions of the iOS platform, the company includes a patch to prevent them from being modified.
However, developers have found a way to get around this patch to create a jailbreak version.
Although the latest incident only affects users of jailbroken devices and platforms, it still reminds users about the dangers of cyber attacks. Aside from Apple, Google is also facing the same threat in the form of the Stagefright exploit that targets Android users.