YiSpecter ad malware attacks iOS devices (even non jail-broken ones too)
Barely a week after Apple pulled down thousands of apps from its App Store due to a potentially dangerous line of codes found within them, the iOS community has been discovered to be under threat once again.
The newest malware is called YiSpecter and as a first of its kind, it attacks iOS devices that have jail breaks as well as the ones with root permission in check. The virus is said to be fast spreading across China and Taiwan and once downloaded, can wreak havoc into users’ supposedly smooth iOS experience by installing and launching suspicious apps, changing Safari’s default search engine, as well as hijacking apps displayed inside other apps and browsers in users’ iPhones and iPads.
Security expert Unit 42 wrote:
YiSpecter consists of four different components that are signed with enterprise certificates. By abusing private APIs, these components download and install each other from a command and control (C2) server. Three of the malicious components use tricks to hide their icons from iOS’s SpringBoard, which prevents the user from finding and deleting them. The components also use the same name and logos of system apps to trick iOS power users.
To make the situation even scarier, most anti malware programs can’t seem to detect YiSpecter in infected phones. The malware has reportedly been in the wild for as much as 10 months and Apple hasn’t devised a way to curb the spread of the malicious program yet.
You may also like
- YiSpecter ad malware attacks iOS devices (even non jail-broken ones too)
- Apple issues statement on YiSpecter malware, says it’s under control
- Huawei roadmap to Nougat update leaks on Weibo, shows units bound to get the update
- Moto X4 Officially Launches With Dual Camera Setup
- InnJoo Note E and InnJoo i1k mid-rangers unveiled
- iOS Apps “Hot Patching” Update Puts Users At Risk
- This Is What The Fuss About Android 8.0 Is All About