wannacry, iOS spyware attack, wannacry

Another threat emerges from the depths of cyberspace and this time it’s aimed at iOS devices. Infecting a large number of iPhone users in China and Taiwan is a new malware called YiSpecter, first recognized by Palo Alto Networks, which provides security against potential cyber threats.

The modus operandi of the malware quite the usual: first it installs unwanted apps into the system and in the process of doing that it terminates existing apps. Now your phone exhibits the first symptoms of the infection as the malware progress with a show of full-screen advertisements.

Changing bookmarks and other user settings on the way, the malware gradually starts to relay sensitive user information to its server. Even if the users delete its resources, the malware still hides within the system, reappearing in after a short while.

Its identifier, Palo Alto Networks believes that the malware is typical of platform’s other crooked malicious software as it uses easy to infect private APIs to spread its malice.

The security firm stated that “by abusing enterprise certificates and private APIs, YiSpecter is not only able to infect more devices, but also pushes the line barrier of iOS security back another step.”

The journey YiSpecter began when it first appeared disguised as an app that allowed users to view free porn. Once it got the freeway into the platform, it spread to other iOS devices mainly in China and Taiwan by taking over traffic from Internet service providers.

It success lies in its ability to hide its icons from iOS SpringBoard and camouflaging its appearance with apps on the App store. The malware first appeared in the cyber space about 10 months ago and has yet gone undetected to large extent.

It was only a month before YiSpecter emergence that a similar malware known as XcodeGhost infected popular apps in the Chinese App Store. Palo Alto Networks has refused the speculation that the two malware might be from the same source.

Leave a Reply

Your email address will not be published. Required fields are marked *