Apple acknowledges 'YiSpecter' iOS malware, says issue unlikely to affect most people
A piece of recently-identified iOS malware, known as YiSpecter, is not a major threat despite its ability to attack both jailbroken and factory stock devices, Apple said on Monday.
"This issue only impacts users on older versions of iOS who have also downloaded malware from untrusted sources," a representative explained to The Loop. "We addressed this specific issue in iOS 8.4 and we have also blocked the identified apps that distribute this malware. We encourage customers to stay current with the latest version of iOS for the latest security updates. We also encourage them to only download from trusted sources like the App Store and pay attention to any warnings as they download apps."
Recently, security researchers with Palo Alto Networks described YiSpecter as the first malware in the wild to exploit private APIs in iOS. It has actually been in the wild for over 10 months -- mainly impacting people in China and Taiwan -- but allegedly escaped detection by most security vendors. China is known to have a large market for pirated apps.
Once YiSpecter is onboard, the code can download, install, and launch apps, or even replace existing software. It can also open pages and change Safari settings, upload device information to a remote server, and flash fullscreen ads when launching an otherwise normal app. The malware will automatically reappear if it's deleted manually.
Apple's statement comes on the heels of the company addressing XcodeGhost, a malware infection that infiltrated the App Store through modified versions of its Xcode development tool. Apple regularly uses the security of iOS and the App Store as a selling point versus Google's Android platform.
Comments
So iOS 8.4 fixed the issue. Nuff said.
Fixed that for you.
Sadly, Apple's reputation suffers in the minds of idiots who infect themselves by trying to get by on the cheap and complain about it like it's not their fault.
I don't think this really harms Apple's reputation. Anyone who thought that users don't play a part in a platform's security is too stupid to have an opinion.
I do think we'll continue to see more exploits across all platforms in the future. The toolsets to expose vulnerabilities are multiplying, and it no longer requires as much expertise to attack. If you walk into a keynote at Blackhat with any brand of phone in your pocket and powered on, you'll see your family photos on the big screen.
Funny but that sounds like a fandroid's excuse.
"This issue only impacts users on older versions of iOS who have also downloaded malware from untrusted sources," a representative explained to The Loop. "We addressed this specific issue in iOS 8.4 and we have also blocked the identified apps that distribute this malware...."
Downloading from untrusted sources AND needs to be on a version older than iOS 8.4.
That combination seems extremely unlikely to affect many people.
All malware, no matter how pervasive, fits into that category. I hope that's not in their actual statement.
AND the user is presented with a warning from iOS itself and has to explicitly authorize the App to install.
AND when the App is launched iOS presents the warning message: "Untrusted App Developer....." asking if you want to allow installation of software from them.
See post #7.
See post #7.
See post #4 if you're trying to compare this single piece of malware against the toxic hellstew that you've rationally decided to use...
The precautions are one and the same whether it's one or many.
The precautions are one and the same whether it's one or many.
The precautions may be the same but the comparison was not.
That is some high tech malware, I bet it will be back sometime in the future!