Skip to content

October 5, 2015

Apple Responds to YiSpecter Malware, Says Fix Was Implemented in iOS 8.4

by John_A

Over the weekend, security site Palo Alto Networks detailed a new iOS malware that’s able to infect non-jailbroken Apple devices using enterprise certificates and private APIs. It originated in Taiwan and China and was installed through several methods, including hijacking traffic from ISPs, an SNS worm on Windows, and offline app installation.

Called YiSpecter, the malware is able to download, install, and launch apps, doing things like replacing existing apps, displaying advertisements in legitimate apps, changing Safari’s default engine, and uploading user information to remote servers.

yispecterpopupadA popup ad that was able to install YiSpecter on iOS devices
In response to the detailing of YiSpecter, Apple has released an official statement to The Loop explaining that YiSpecter is only able to target iOS users who are running an older version of iOS that have also downloaded content from untrusted sources.

“This issue only impacts users on older versions of iOS who have also downloaded malware from untrusted sources. We addressed this specific issue in iOS 8.4 and we have also blocked the identified apps that distribute this malware. We encourage customers to stay current with the latest version of iOS for the latest security updates. We also encourage them to only download from trusted sources like the App Store and pay attention to any warnings as they download apps.”

Apple implemented fixes for YiSpecter in iOS 8.4, so iOS 8.4.1 and iOS 9 are immune to the malware. Users who want to avoid being targeted by YiSpecter should make sure to upgrade to the latest version of iOS and as always, should avoid downloading apps from unverified sources.


Advertisements
Read more from News

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Note: HTML is allowed. Your email address will never be published.

Subscribe to comments

%d bloggers like this: