A malware family dubbed ‘KeyRaider’ has stolen over 225,000 iOS account login credentials, mostly from Chinese jailbroken iPhones, according to a report released this week from Palo Alto Networks.

The breach is the biggest so far in the history of iOS devices, and has affected users in 18 countries total. According to the report, up to 20,000 users are taking advantage of the tweaks that use stolen data to download and pay for items from the iTunes App store.

“The purpose of this attack was to make it possible for users of two iOS jailbreak tweaks to download applications from the official App Store and make in-app purchases without actually paying,” said Palo Alto in a blog post.

Start your free trial now.

Get instant access to all our premium content, archives, newsletters, and online community.

Monthly Membership

$19/month

Yearly Membership

$149/year

What you get

Full access to all premium content and our full archives

Members'-only newsletters

Preferential access and discounts to all TechNode events

Direct access to the TechNode newsroom

Start your free trial now.

Get instant access to all our premium content, archives, newsletters, and online community.

Monthly Membership

$19/month

Yearly Membership

$149/year

Cate Cadell

Cate is a tech writer. She worked as a journalist in Australia, Mongolia and Myanmar. You can reach her (in Chinese or English) at: @catecadell or catecadell@technode.com