Apple’s iOS mobile operating system is under attack in China and Taiwan, according to security firm Palo Alto Networks.
The company identified malware, dubbed YiSpecter, which—unlike most other malware affecting iOS devices—can target non-jailbroken iPhones and iPads.
In addition, the malware uses private application programming interfaces (APIs), or frameworks used internally by companies, to spoof the operating system. What’s more, Palo Alto said that YiSpecter can be installed even when the device is offline and can hijack traffic from national ISPs.
“On infected iOS devices, YiSpecter can download, install, and launch arbitrary iOS apps, replace existing apps with those it downloads, hijack other apps’ execution to display advertisements, change Safari’s default search engine, bookmarks and opened pages, and upload device information to the C2 server,” Palo Alto Networks said, adding that the malware has been targeting iOS devices over the last 10 months.
The finding, while ostensibly contained at the moment, illustrates a real issue for Apple’s iOS platform. In nearly all cases of malware infections, only those iOS devices that have been jailbroken and access apps outside of Apple’s App Store have been vulnerable. YiSpecter doesn’t require jailbreaking, so every iOS device is potentially at risk.
The finding is also the latest black eye for Apple. The company admitted last month that hackers targeted its App Store and were successful in getting dozens of malicious apps into its marketplace. Those apps have since been removed.
But Trey Ford, global security strategist at security analytics firm Rapid7, told PCMag this is not the beginning of the end for iOS security.
“This does not signal the collapse of Apple’s iOS security model,” Ford said. “Consumers and enterprises should be aware that Apple has already included additional controls to make this kind of attack even harder in iOS 9 updates. Apple’s iOS walled garden is still a holy grail for attackers, so every incident involving non-jailbroken iOS devices will likely be considered newsworthy.”
Apple did not immediately respond to a request for comment.
Source: UK.PCMAG.COM