

Key Raider is a virus for devices running the iOS operating system that targets only jailbroken devices. Users of non-jailbroken iPhones or iPads are not affected by this attack. The virus infects the user's iOS device by intercepting iTunes traffic on the device, after which it injects the payload. The result is the theft of personal information and the hijacking of the iOS device, leaving the user unable to unlock it.

Payload

When the trojan is started, it steals a lot of information from the device: the user name, password, push notification service certificates and private keys.

The trojan sends the stolen information to the following remote locations:

top100.gotoip4.com
www.wushidou.cn

The trojan blocks the phone, making it impossible to unlock.
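
An added example, not part of the original page: a Python check that flags DNS queries to the two remote locations listed above, matching on label boundaries so lookalike names are not reported. The log line layout (timestamp, client IP, query name, record type) and the sample lines are constructed assumptions.

```python
from typing import Optional

# Hosts taken from the page's list of remote locations.
IOC_HOSTS = ("top100.gotoip4.com", "www.wushidou.cn")


def normalize(qname: str) -> str:
    """Lower-case and drop the trailing root dot so 'WWW.Example.CN.' compares equal."""
    return qname.strip().rstrip(".").lower()


def matches_ioc(qname: str) -> Optional[str]:
    """Return the listed host that qname equals or is a subdomain of, else None."""
    name = normalize(qname)
    for host in IOC_HOSTS:
        # Compare on a label boundary so 'nottop100.gotoip4.com' does not match.
        if name == host or name.endswith("." + host):
            return host
    return None


def scan(lines):
    """Return (client_ip, query_name, matched_host) for each log line that hits."""
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) < 4:  # skip malformed or truncated lines
            continue
        _ts, client, qname, _qtype = fields[:4]
        host = matches_ioc(qname)
        if host:
            hits.append((client, normalize(qname), host))
    return hits


# Constructed sample log lines (assumed format, not real traffic).
SAMPLE_LOG = """\
2024-01-01T10:00:01Z 192.0.2.10 itunes.apple.com. A
2024-01-01T10:00:02Z 192.0.2.10 TOP100.gotoip4.com. A
2024-01-01T10:00:03Z 192.0.2.11 nottop100.gotoip4.com. A
2024-01-01T10:00:04Z 192.0.2.12 www.wushidou.cn AAAA
2024-01-01T10:00:05Z 192.0.2.12 cdn.www.wushidou.cn. A
truncated-line
""".splitlines()

if __name__ == "__main__":
    for client, qname, host in scan(SAMPLE_LOG):
        print(f"{client} queried {qname} (matches {host})")
```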