YiSpecter: new and dangerous iOS malware attacking non-jailbroken devices


Palo Alto Networks, a security company, has identified a new security issue that affects iOS devices. The malware has been named YiSpecter and mainly affects users in China and Taiwan. Whether it spreads beyond these countries is now a matter of debate among developers worldwide.

First of all, note that the flaw is fixed in iOS 8.4, so the only users at risk are those who have not updated beyond iOS 8.3 or who download applications from outside the App Store. At the time of this writing, Apple has already revoked the certificates used by the applications that were distributing YiSpecter.

What YiSpecter does:

  • Installs unwanted applications.
  • Replaces other legitimate applications.
  • Forces applications to display full-screen advertisements.
  • Changes the bookmarks and the default search engine in Safari.
  • Sends user information to a server.
  • Reinstalls itself when a user removes it from the device.
  • Hides its icons from SpringBoard.

Palo Alto Networks said YiSpecter is very unusual among malware that attacks iOS devices because it abuses private APIs, which allows its four components to download and install each other from a centralized server. YiSpecter first appeared disguised as an application that would allow users to watch free porn, but it went on to infect more devices by hijacking internet service providers' traffic.

YiSpecter can infect devices that are not jailbroken, so the importance of installing applications only from the App Store is demonstrated once again. There are many sites that allow you to install, for example, game emulators by using these enterprise certificates. It is possible to find an enticing application on a portal of this kind, install it, and then get the surprise of having installed something that no longer seems like such a good idea.

According to some sources, Apple knew about this problem for about 10 months before correcting it. This and other threats may be what motivated Tim Cook and company to add to their operating system a mechanism known as “Rootless”, which further limits access to certain parts of the device. (Source: Palo Alto Networks)
