YiSpecter Malware Attacks iPhones and iPads

Posted: Oct 5 2015, 3:21am CDT | Updated: Oct 5 2015, 8:19pm CDT, in News | Apple


New iOS malware has been discovered that is a threat to both jailbroken and non-jailbroken iPhones.

Apple's iOS is under attack like never before. In past weeks, malware was discovered that infected apps or attacked jailbreakers. Now security company Palo Alto Networks has discovered YiSpecter.

YiSpecter attacks both jailbroken and non-jailbroken iPhones using private APIs. It is the first malware the company has encountered that abuses private APIs.

So far YiSpecter primarily affects iOS users in mainland China and Taiwan. It spreads via unusual means, including the hijacking of traffic from nationwide ISPs, an SNS worm on Windows, and offline app installation and community promotion. YiSpecter has been in the wild for over 10 months, says Palo Alto Networks.

Claud Xiao writes: "On infected iOS devices, YiSpecter can download, install and launch arbitrary iOS apps, replace existing apps with those it downloads, hijack other apps’ execution to display advertisements, change Safari’s default search engine, bookmarks and opened pages, and upload device information to the C2 server."

Palo Alto Networks has released IPS signatures via their Threat Prevention product to detect and block all malicious C2 traffic related to YiSpecter. The firm has also released signatures to detect the queries for the C2 domains used by the malware.

The YiSpecter threat has been reported to Apple so that it can revoke the abused enterprise certificates. Exhaustive details of the YiSpecter threat can be found here.

The Author

Luigi Lugmayr
Luigi Lugmayr is the founding chief editor of I4U News and brings over 15 years of experience in the technology field to the ever-evolving and exciting world of gadgets. He started I4U News back in 2000 and evolved it into a vibrant technology magazine.
Luigi can be contacted directly at ml@i4u.com.