YiSpecter consists of four different components that are signed with enterprise certificates. The malware has been in the wild for over 10 months, but out of 57 security vendors in VirusTotal, only one is detecting the malware at the time of this writing. Many victims have discussed YiSpecter infections of their jailbroken and non-jailbroken iPhones in online forums and have reported the activity to Apple. It spreads via unusual means, including the hijacking of traffic from nationwide ISPs, an SNS worm on Windows, and an offline app installation and community promotion. So far, the malware primarily affects iOS users in mainland China and Taiwan. Specifically, it’s the first malware we’ve seen in the wild that abuses private APIs in the iOS system to implement malicious functionalities. YiSpecter is different from previously seen iOS malware in that it attacks both jailbroken and non-jailbroken iOS devices through unique and harmful malicious behaviors. We recently identified a new Apple iOS malware and named it YiSpecter.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |