HACKINTOSH.ORG | Macintosh discussion forums

Macintosh News => iPhone/iPod/iPad News => Topic started by: HCK on October 05, 2015, 03:00:22 pm



Title: Newly discovered YiSpecter malware affecting iPhone and iPad in Asia
Post by: HCK on October 05, 2015, 03:00:22 pm
Newly discovered YiSpecter malware affecting iPhone and iPad in Asia

<div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>iPhone (http://www.imore.com/iphone) and iPad (http://www.imore.com/ipad) in both China and Taiwan have been found to be vulnerable to newly discovered malware. The malicious software – referred to as YiSpecter – was spotted by Palo Alto Networks, who states that the infection may originate from a China-based advertising company. YiSpecter downloads apps onto said mobile devices that remain hidden from the owner, regardless as to whether or not the iOS device is jailbroken.</p> <!--break--> <p>YiSpecter follows XcodeGhost (http://www.imore.com/xcodeghost-malware-what-you-need-know) as the second malicious software spotted in the past month. What's more alarming in this instance is how the infection is able to affect those who have not jailbroken their iPhone or iPad, seemingly bypassing Apple's defences against malicious code. It's reported that the malware has been spreading as early as November of last year.</p> <p>As noted by Palo Alto Networks in their report (http://researchcenter.paloaltonetworks.com/2015/10/yispecter-first-ios-malware-attacks-non-jailbroken-ios-devices-by-abusing-private-apis/):</p>
<p>"It spreads via unusual means, including the hijacking of traffic from nationwide ISPs, an SNS worm on Windows, and an offline app installation and community promotion. Many victims have discussed YiSpecter infections of their jailbroken and non-jailbroken iPhones in online forums and have reported the activity to Apple. The malware has been in the wild for over 10 months, but out of 57 security vendors in VirusTotal, only one is detecting the malware at the time of this writing."</p>
<p>On infected mobile devices, YiSpecter can cause iOS to display full advertisements instead of loading an app when commanded to do so, but Palo Alto Networks do provide a step-by-step guide to help remove YiSpecter. Apple has been notified by researchers and more details can be obtained by reading through the full report.</p> <p>Source: Palo Alto Networks (http://researchcenter.paloaltonetworks.com/2015/10/yispecter-first-ios-malware-attacks-non-jailbroken-ios-devices-by-abusing-private-apis/)</p> </div></div></div><br clear='all'/>

<a href="http://rc.feedsportal.com/r/241225460770/u/49/f/616881/c/33998/s/4a688a27/sc/15/rc/1/rc.htm" rel="nofollow"><img src="http://rc.feedsportal.com/r/241225460770/u/49/f/616881/c/33998/s/4a688a27/sc/15/rc/1/rc.img" border="0"/>[/url]

<a href="http://rc.feedsportal.com/r/241225460770/u/49/f/616881/c/33998/s/4a688a27/sc/15/rc/2/rc.htm" rel="nofollow"><img src="http://rc.feedsportal.com/r/241225460770/u/49/f/616881/c/33998/s/4a688a27/sc/15/rc/2/rc.img" border="0"/>[/url]

<a href="http://rc.feedsportal.com/r/241225460770/u/49/f/616881/c/33998/s/4a688a27/sc/15/rc/3/rc.htm" rel="nofollow"><img src="http://rc.feedsportal.com/r/241225460770/u/49/f/616881/c/33998/s/4a688a27/sc/15/rc/3/rc.img" border="0"/>[/url]

<img src="http://da.feedsportal.com/r/241225460770/u/49/f/616881/c/33998/s/4a688a27/sc/15/a2.img" border="0"/> (http://da.feedsportal.com/r/241225460770/u/49/f/616881/c/33998/s/4a688a27/sc/15/a2.htm)<img width="1" height="1" src="http://pi.feedsportal.com/r/241225460770/u/49/f/616881/c/33998/s/4a688a27/sc/15/a2t.img" border="0"/><img width='1' height='1' src='(http://tipb.com.feedsportal.com/c/33998/f/616881/s/4a688a27/sc/15/mf.gif)' border='0'/><img src="http://feeds.feedburner.com/~r/TheIphoneBlog/~4/lpipFQb8KtA" height="1" width="1" alt=""/>

Source: Newly discovered YiSpecter malware affecting iPhone and iPad in Asia (http://feedproxy.google.com/~r/TheIphoneBlog/~3/lpipFQb8KtA/story01.htm)