Apple acknowledges 'YiSpecter' iOS malware, says issue unlikely to affect most people

Posted:
in iPhone edited October 2015
A piece of recently-identified iOS malware, known as YiSpecter, is not a major threat despite its ability to attack both jailbroken and factory stock devices, Apple said on Monday.




"This issue only impacts users on older versions of iOS who have also downloaded malware from untrusted sources," a representative explained to The Loop. "We addressed this specific issue in iOS 8.4 and we have also blocked the identified apps that distribute this malware. We encourage customers to stay current with the latest version of iOS for the latest security updates. We also encourage them to only download from trusted sources like the App Store and pay attention to any warnings as they download apps."

Recently, security researchers with Palo Alto Networks described YiSpecter as the first malware in the wild to exploit private APIs in iOS. It has actually been in the wild for over 10 months -- mainly impacting people in China and Taiwan -- but allegedly escaped detection by most security vendors. China is known to have a large market for pirated apps.

Once YiSpecter is onboard, the code can download, install, and launch apps, or even replace existing software. It can also open pages and change Safari settings, upload device information to a remote server, and flash fullscreen ads when launching an otherwise normal app. The malware will automatically reappear if it's deleted manually.

Apple's statement comes on the heels of the company addressing XcodeGhost, a malware infection that infiltrated the App Store through modified versions of its Xcode development tool. Apple regularly uses the security of iOS and the App Store as a selling point versus Google's Android platform.

Comments

  • Reply 1 of 15
    Sadly, Apple's reputation suffers in the minds of idiots who infect themselves by trying to get by on the cheap and complain about it like it's not their fault.
  • Reply 2 of 15
    lkrupplkrupp Posts: 10,557member

    So iOS 8.4 fixed the issue. Nuff said.

  • Reply 3 of 15
    gtrgtr Posts: 3,231member
    "A piece of recently-identified iOS malware, known as [B]Android[/B], is not a major threat despite its ability to attack both jailbroken and factory stock devices."

    Fixed that for you.
  • Reply 4 of 15
    Quote:

    Originally Posted by Macky the Macky View Post



    Sadly, Apple's reputation suffers in the minds of idiots who infect themselves by trying to get by on the cheap and complain about it like it's not their fault.

     

    I don't think this really harm's Apple's reputation. Anyone who thought that users don't play a part in a platform's security are too stupid to have an opinion.

     

    I do think we'll continue to see more exploits across all platforms in the future. The toolsets to expose vulnerabilities are multiplying, and it no longer requires as much expertise to attack. If you walk into a keynote at Blackhat with any brand of phone in your pocket and powered on, you'll see your family photos on the big screen.

  • Reply 5 of 15
    China. No further comment.
  • Reply 6 of 15
    dasanman69dasanman69 Posts: 13,002member
    China. No further comment.

    Funny but that sounds like a fandroid's excuse.
  • Reply 7 of 15
    Quote:

    Originally Posted by AppleInsider View Post



    "This issue only impacts users on older versions of iOS who have also downloaded malware from untrusted sources," a representative explained to The Loop. "We addressed this specific issue in iOS 8.4 and we have also blocked the identified apps that distribute this malware...."

    Downloading from untrusted sources AND needs to be on a version older than iOS 8.4.

     

    That combination seems extremely unlikely to affect many people.

  • Reply 8 of 15
    solipsismysolipsismy Posts: 5,099member
    [QUOTE]"...says issue unlikely to affect most people."[/QUOTE]

    All malware, no matter how pervasive fits into that category. I hope that's not in their actual statement.
  • Reply 9 of 15
    techlover wrote: »
    Downloading from untrusted sources AND needs to be on a version older than iOS 8.4.

    That combination seems extremely unlikely to affect many people.

    AND the user is presented with a warning from iOS itself and has to explicitly authorize the App to install.

    AND when the App is launched iOS presents the warning message: "Untrusted App Developer....." asking if you want to allow installation of software from them.
  • Reply 10 of 15
    dasanman69dasanman69 Posts: 13,002member
    techlover wrote: »
    Downloading from untrusted sources AND needs to be on a version older than iOS 8.4.

    That combination seems extremely unlikely to affect many people.

    AND the user is presented with a warning from iOS itself and has to explicitly authorize the App to install.

    AND when the App is launched iOS presents the warning message: "Untrusted App Developer....." asking if you want to allow installation of software from them.

    See post #7.
  • Reply 11 of 15
    gtrgtr Posts: 3,231member
    Quote:
    Originally Posted by dasanman69 View Post



    See post #7.

     

    See post #4 if you're trying to compare this single piece of malware against the toxic hellstew that you've rationally decided to use...

  • Reply 12 of 15
    dasanman69dasanman69 Posts: 13,002member
    gtr wrote: »
    dasanman69 wrote: »
    See post #7.

    See post #4 if you're trying to compare this single piece of malware against the toxic hellstew that you've rationally decided to use...

    The precautions are one and the same whether it's one or many.
  • Reply 13 of 15
    gtrgtr Posts: 3,231member
    Quote:

    Originally Posted by dasanman69 View Post



    The precautions are one and the same whether it's one or many.

     

    The precautions may be the same but the comparison was not.

  • Reply 14 of 15
    sergiozsergioz Posts: 338member
    "Once YiSpecter is onboard, the code can download, install, and launch apps, or even replace existing software. It can also open pages and change Safari settings, upload device information to a remote server, and flash fullscreen ads when launching an otherwise normal app. The malware will automatically reappear if it's deleted manually."

    That is some high tech malware, I bet it will be back sometime in the future!
  • Reply 15 of 15
    How about Apple stops trying to control our lives and loosen up. Its like, Apple is fucking communist i swear.
Sign In or Register to comment.