Make sure your iPhone is and stays up to date!

Shortly after news of the XcodeGhost attack broke, new malware dubbed YiSpecter was discovered infecting iOS devices. According to reports, the malware can install itself on both jailbroken and non-jailbroken iOS devices. YiSpecter is the first iOS malware that exploits Apple’s private APIs, allowing attackers to target iOS devices—including unmodified or un-jailbroken ones—by going through the official App Store. It was found to have been active for almost 10 months, mostly affecting users in China and Taiwan.


YiSpecter uses novel techniques to spread itself. In circulation since as far back as November 2014, the malware initially spread by masquerading as apps that allowed users to stream porn videos. It then infects other devices through hijacked traffic from nationwide ISPs, offline app installations, an SNS worm on Windows machines, and community promotions. The malware managed to get around Apple’s code review process by abusing enterprise certificates and private APIs.

Once installed on an iOS device, the malware can download, install, and launch apps, replace existing apps, hijack advertisements, change the browser’s default search engine, and upload device information to a C&C server. The malware has also been observed to reappear after manual deletion.

Apple has recently issued a statement:

“This issue only impacts users on older versions of iOS who have also downloaded malware from untrusted sources. We addressed this specific issue in iOS 8.4 and we have also blocked the identified apps that distribute this malware. We encourage customers to stay current with the latest version of iOS for the latest security updates. We also encourage them to only download from trusted sources like the App Store and pay attention to any warnings as they download apps.”

This issue should remind users that while Apple is renowned for its walled garden approach, it is never really free from security risks; hence, users must take preventive measures to protect themselves. Despite the discovered “holes in the wall”, it’s still recommended to stick to official downloads from the official App Store.

Finally, users should always update their OS and apps to the latest version to reduce the risk of being exposed to unpatched vulnerabilities that can be exploited. As stated above, iOS users who have updated to newer versions of iOS should be safe from this issue.

 

Source: http://www.trendmicro.com/vinfo/us/security/news/mobile-safety/yispectre-malware-affects-unmodified-ios-devices
