KeyRaider: iOS Malware Steals Over 225,000 Apple Accounts
Overview
Recently, WeipTech was analyzing suspicious Apple iOS tweaks reported by users and found over 225,000 valid Apple accounts with passwords stored on a server. In cooperation with WeipTech, we have identified 92 samples of a new iOS malware family in the wild. We have analyzed the samples to determine the author’s ultimate goal and have named this malware “KeyRaider”. We believe this to be the largest known Apple account theft caused by malware. KeyRaider targets jailbroken iOS devices and is distributed through third-party Cydia repositories in China. In total, it appears this threat may have impacted users from 18 countries including China, France, Russia, Japan, United Kingdom, United States, Canada, Germany, Australia, Israel, Italy, Spain, Singapore, and South Korea.
Created: 2026-02-23
Indicators
Similar Pulses
Threat actors related to this Pulse (fact-based)
Score: 5.12
Matched TTPs:
- T1588.001 - Malware
- T1564.001 - Hidden Files and Directories
Link to MITRE →
Score: 5.20
Matched TTPs:
- T1588.001 - Malware
- T1573.002 - Asymmetric Cryptography
Link to MITRE →
Score: 3.95
Matched TTPs:
- T1588.001 - Malware
- T1203 - Exploitation for Client Execution
Link to MITRE →
Score: 4.55
Matched TTPs:
- T1588.001 - Malware
- T1036.004 - Masquerade Task or Service
Link to MITRE →
Score: 6.05
Matched TTPs:
- T1588.001 - Malware
- T1036.004 - Masquerade Task or Service
- T1203 - Exploitation for Client Execution
Link to MITRE →
Score: 3.95
Matched TTPs:
- T1588.001 - Malware
- T1203 - Exploitation for Client Execution
Link to MITRE →
Score: 5.12
Matched TTPs:
- T1588.001 - Malware
- T1078.003 - Local Accounts
Link to MITRE →
Score: 4.55
Matched TTPs:
- T1588.001 - Malware
- T1036.004 - Masquerade Task or Service
Link to MITRE →
Score: 4.98
Matched TTPs:
- T1588.001 - Malware
- T1657 - Financial Theft
Link to MITRE →
Score: 10.44
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1657 - Financial Theft
- T1588.003 - Code Signing Certificates
- T1078.003 - Local Accounts
Link to MITRE →
Score: 7.43
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1564.001 - Hidden Files and Directories
- T1078.003 - Local Accounts
Link to MITRE →
Score: 11.82
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1657 - Financial Theft
- T1565 - Data Manipulation
- T1564.001 - Hidden Files and Directories
Link to MITRE →
Score: 8.92
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1203 - Exploitation for Client Execution
- T1564.001 - Hidden Files and Directories
- T1078.003 - Local Accounts
Link to MITRE →
Score: 5.25
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1588.003 - Code Signing Certificates
Link to MITRE →
Score: 3.59
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1203 - Exploitation for Client Execution
Link to MITRE →
Score: 7.36
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1573.002 - Asymmetric Cryptography
- T1566.003 - Spearphishing via Service
Link to MITRE →
Score: 4.76
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1078.003 - Local Accounts
Link to MITRE →
Score: 8.24
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1036.010 - Masquerade Account Name
- T1566.003 - Spearphishing via Service
Link to MITRE →
Score: 3.59
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1203 - Exploitation for Client Execution
Link to MITRE →
Score: 12.91
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1203 - Exploitation for Client Execution
- T1027.007 - Dynamic API Resolution
- T1564.001 - Hidden Files and Directories
- T1566.003 - Spearphishing via Service
Link to MITRE →
Score: 4.62
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1657 - Financial Theft
Link to MITRE →
Score: 3.59
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1203 - Exploitation for Client Execution
Link to MITRE →
Score: 5.05
Matched TTPs:
- T1657 - Financial Theft
- T1566.003 - Spearphishing via Service
Link to MITRE →
Score: 5.27
Matched TTPs:
- T1657 - Financial Theft
- T1573.002 - Asymmetric Cryptography
Link to MITRE →
Score: 5.19
Matched TTPs:
- T1657 - Financial Theft
- T1078.003 - Local Accounts
Link to MITRE →
Score: 5.63
Matched TTPs:
- T1036.001 - Invalid Code Signature
- T1203 - Exploitation for Client Execution
Link to MITRE →
Score: 6.66
Matched TTPs:
- T1036.001 - Invalid Code Signature
- T1566.003 - Spearphishing via Service
Link to MITRE →
Score: 12.83
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1213 - Data from Information Repositories
- T1564.001 - Hidden Files and Directories
- T1550.001 - Application Access Token
Link to MITRE →
Score: 4.65
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1588.003 - Code Signing Certificates
Link to MITRE →
Score: 5.12
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1036.010 - Masquerade Account Name
Link to MITRE →
Score: 4.02
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1566.003 - Spearphishing via Service
Link to MITRE →
Score: 6.68
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1566.003 - Spearphishing via Service
- T1078.003 - Local Accounts
Link to MITRE →
Score: 4.65
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1588.003 - Code Signing Certificates
Link to MITRE →
Score: 6.03
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1001.002 - Steganography
Link to MITRE →
Score: 4.24
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1573.002 - Asymmetric Cryptography
Link to MITRE →
Score: 11.44
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1588.003 - Code Signing Certificates
- T1027.007 - Dynamic API Resolution
- T1564.001 - Hidden Files and Directories
Link to MITRE →
Score: 5.12
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1036.010 - Masquerade Account Name
Link to MITRE →
Score: 4.16
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1078.003 - Local Accounts
Link to MITRE →
Score: 4.16
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1564.001 - Hidden Files and Directories
Link to MITRE →
Score: 9.57
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1573.002 - Asymmetric Cryptography
- T1564.001 - Hidden Files and Directories
- T1078.003 - Local Accounts
Link to MITRE →
Score: 9.91
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1573.002 - Asymmetric Cryptography
- T1588.003 - Code Signing Certificates
- T1566.003 - Spearphishing via Service
Link to MITRE →
Score: 5.41
Matched TTPs:
- T1573.002 - Asymmetric Cryptography
- T1078.003 - Local Accounts
Link to MITRE →
Score: 5.41
Matched TTPs:
- T1573.002 - Asymmetric Cryptography
- T1564.001 - Hidden Files and Directories
Link to MITRE →
Score: 5.90
Matched TTPs:
- T1573.002 - Asymmetric Cryptography
- T1588.003 - Code Signing Certificates
Link to MITRE →
Score: 6.14
Matched TTPs:
- T1036.010 - Masquerade Account Name
- T1566.003 - Spearphishing via Service
Link to MITRE →
Score: 4.13
Matched TTPs:
- T1564.005 - Hidden File System
Link to MITRE →
Score: 4.13
Matched TTPs:
- T1564.005 - Hidden File System
Link to MITRE →
Score: 9.46
Matched TTPs:
- T1564.001 - Hidden Files and Directories
- T1550.001 - Application Access Token
- T1078.003 - Local Accounts
Link to MITRE →
Threat actors related to this Pulse (inference-based)
Score: 0.82
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1550.001 - Application Access Token
- T1564.001 - Hidden Files and Directories
- T1213 - Data from Information Repositories
Link to MITRE →
Score: 0.79
Matched TTPs:
- T1564.001 - Hidden Files and Directories
- T1203 - Exploitation for Client Execution
- T1027.007 - Dynamic API Resolution
- T1036.004 - Masquerade Task or Service
- T1566.003 - Spearphishing via Service
Link to MITRE →
Score: 0.77
Matched TTPs:
- T1564.001 - Hidden Files and Directories
- T1036.004 - Masquerade Task or Service
- T1657 - Financial Theft
- T1565 - Data Manipulation
Link to MITRE →
Score: 0.74
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1027.007 - Dynamic API Resolution
- T1588.003 - Code Signing Certificates
- T1564.001 - Hidden Files and Directories
Link to MITRE →
Score: 0.68
Matched TTPs:
- T1588.003 - Code Signing Certificates
- T1078.003 - Local Accounts
- T1036.004 - Masquerade Task or Service
- T1657 - Financial Theft
Link to MITRE →
Score: 0.63
Matched TTPs:
- T1078.003 - Local Accounts
- T1550.001 - Application Access Token
- T1564.001 - Hidden Files and Directories
Link to MITRE →
Score: 0.62
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1573.002 - Asymmetric Cryptography
- T1566.003 - Spearphishing via Service
- T1588.003 - Code Signing Certificates
Link to MITRE →
Score: 0.61
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1573.002 - Asymmetric Cryptography
- T1078.003 - Local Accounts
- T1564.001 - Hidden Files and Directories
Link to MITRE →
Score: 0.57
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1078.003 - Local Accounts
- T1036.004 - Masquerade Task or Service
- T1564.001 - Hidden Files and Directories
Link to MITRE →
Score: 0.56
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1566.003 - Spearphishing via Service
- T1036.010 - Masquerade Account Name
Link to MITRE →
Related CVEs
No CVEs were found for this Pulse.