Hackers have stolen over 225,000 Apple user's account information from countries all over the world—including the United States, China, and France—in what many are reporting to be the biggest known Apple hack in history.
Using a type of malware dubbed "KeyRaider," hackers have been able to target jailbroken devices through a Cydia repository. The malware steals Apple account usernames and passwords, push notification service certificates, private keys, and App Store purchasing information. The hackers even have the ability to disable you from entering your device all together, effectively holding it hostage, which is something known as ransomware.
To find out if you've been affected, researchers over at Palo Alto Networks have provided a very thorough guide that you should definitely check out, detailing where the malware comes from, what it steals, who created it, and how to find out if it's on your iPad, iPhone, or iPod touch.
If you're part of the 225,000 exploited users, you should take the necessary steps to ensure that no one can use your password to purchase apps or lock you out of your device. That means unjailbreaking your device, changing your password, and enabling two-step verification, which I'll show in more detail below.
The first thing you should do is unjailbreak your iPhone so that you can remove root-level privileges and disable unsigned code from running, which is what allows KeyRaider to snatch up your information.
Lucky for you, the process is as simple as putting your device into recovery mode (DFU), connecting it to your computer, and restoring it back to normal. Follow Justin's guide on downgrading from an iOS beta, which is the exact same process as unjailbreaking your device.
Since KeyRaider steals your Apple credentials, you also need to reset the password for your Apple ID. On your computer, go to My Apple ID, click on Manage Your Apple ID, then enter your existing credentials.
Next, click on "Password and Security" and answer the two security questions.
Finally, click on "Change Password," enter your old password, then enter a new (and once again to verify it). Hit "Change Password" at the bottom to save your new password and you're done.
The last thing you need to do is enable two-step verification on iOS, which adds an additional layer of security to your Apple accounts. Make sure to check out our guide to enabling two-step verification on your Apple ID for iCloud, the App Store, and iTunes to quickly set it up.
If you're thinking about jailbreaking, which is still a great tool for customizing your device, you should wait until this whole hack gets patched up. One simple attack shouldn't deter you from jailbreaking in the future, as long as you're cautious with what you download.