It is unclear how the malware, dubbed “Unflod Baby Panda,” ends up on a device, however, according to mobile experts at Germany-based security firm SektionEins, the threat aims at stealing Apple IDs and the passwords associated with them, according to a blog post by the researchers.
The malware comes in the form of a library called “Unflod.dylib” that taps into all running processes of the device. Capable of listening in on outgoing SSL connections, it then attempts to steal the Apple ID data. Experts aren’t sure how the malware ends up on the device, but believe it has Chinese origins.
Users are advised to perform a full restore, which would eradicate the malware and also do away with the jailbreak capabilities.