New Malware 'YiSpecter' Attacks iOS Devices in China and Taiwan
A new kind of malware called "YiSpecter" is attacking iOS devices in China and Taiwan, even those that have not yet been jailbroken.
YiSpecter, which was first uncovered by security company Palo Alto Networks, enters the iOS devices via the private API of the operating system. The discovery comes just a month after malware-infected apps had to be kicked out of the Apple App Store, according to The Dispatch Times.
The newly discovered malware has components that enable it to hide the installed apps from the iOS Springboard. These components also copy the names and logos of the apps that run the iOS to deceive the user, the Herald Current explains.
Get Our Latest News for FREE
The new malware zeroes in on iOS users in China because they are the biggest market in the world as of now. Once a user opens a website, a notification pops up to ask permission to install software that would allow them to get more content from the same page. The malware then uses the downloaded iOS apps to replace existing apps.
Manual deletion of the malware does not do any good because it will just automatically reappear. It manifests itself as a free porn app, but it hijacks traffic from Internet service providers.
Apple reportedly already knows about the YiSpecter malware. But over 100 unapproved apps have managed to penetrate Apple's very strict security system, the report details.
In September, Apple removed 39 apps from its App Store because they were found to be infected with malware. The latest iOS version cannot be penetrated by YiSpecter, but an update to the malware's code could still leave iOS 9 users vulnerable.
According to Palo Alto Networks, what sets YiSpecter apart from other iOS malware is that it affects both jailbroken and unjailbroken devices.
In an interview with SCMagazineUK.com, Lancope's VP of threat intelligence Gavin Reid said he suspects that a mobile advertising firm is behind the YiSpecter attack on iOS devices in China and Taiwan.
