The first iOS malware has been discovered
BY KELLEN BECK, 1 HOUR AGO
Your iPhone isn’t as safe from viruses as you thought. A security firm has confirmed the existence of iOS malware that can infect even non-jailbroken phones.
Security company Palo Alto Networks announced it found a Trojan that exploits flaws in Apple’s DRM without needing to abuse enterprise certificates, and they’re calling it “AceDeceiver.” Currently, AceDeceiver only activates when the device’s geotag is in China.
How the malware works is a little complicated. According to Palo Alto Networks, AceDeceiver uses a mechanism called FairPlay Man-in-the-Middle, where attackers purchase apps and save the authorization code needed for them to work on an iOS device. By using fake iTunes clients on infected computers, attackers can send an authorization code that tricks a victim’s device into believing it purchased the app, and the device then downloads it.
Once the app has been downloaded on a victim’s phone, it acts as a Trojan, giving the attackers access to the device under the guise of being a legitimate app.
According to Palo Alto Networks, this method has been used to pirate apps before, and this is the first time FairPlay MITM has been used maliciously. It also said the method is pretty simplistic, and is likely to be copied by other attackers. AceDeceiver could also be easily changed to work in regions besides China, although the security company said its region-locked activation makes it harder to be discovered by Apple or security firms.
Palo Alto Networks said that it notified Apple about AceDeceiver in late February and the AceDeceiver apps were promptly removed from the App Store.