YiSpecter iOS malware attacking non-jailbroken iOS devices

YiSpecter, a new piece of iOS malware, has been discovered by the cyber-security company Palo Alto Networks. Private iOS APIs are the core mechanism it uses to infect devices, and users in China and Taiwan are affected the most. The malware attacks only non-jailbroken devices, making it the first malware of its kind.

Apple itself has already confirmed the issue to TechCrunch. According to the company's statement, it has revoked all of the certificates that could be used to distribute this malware. The flaw doesn’t affect users running the latest version of iOS, iOS 9. This is probably why every security expert recommends keeping all software up to date.

The malware is very smart: it can do just about anything one can imagine. It can show you full-page advertisements, install suspicious apps and remove legitimate ones, and send your personal data to its originating servers. Even if you manually remove it from your iOS device, it can become active again.

Palo Alto Networks, the company behind the discovery, said, “YiSpecter consists of four different components that are signed with enterprise certificates, according to security researchers at Palo Alto Networks, who add that the malware uses a variety of tricks to hide its presence on compromised systems, such as the use of the same name and logos as system apps and hiding their icons from iOS’s SpringBoard, which prevents the user from finding and deleting them. Once installed, the malware mounts a variety of cybercrime scams.”

Abusing enterprise-level certificates and private APIs won’t only lead to the infection of more devices; at the same time, it could push the security barrier one step backward, Claud Xiao, one of the senior security researchers at Palo Alto Networks, said in a blog post.

The malware actually spread via an app that allowed users to watch porn for free. As people installed it, more and more devices became infected due to hijacked traffic coming from online communities, ISPs (Internet Service Providers) and a Windows worm that first attacked QQ.

Last week, around 40 legitimate apps were infected by another piece of malware dubbed XcodeGhost. However, YiSpecter doesn’t seem to have any relation to XcodeGhost.
