Apple Officially Addresses YiSpecter iOS Malware Woes: Here's The Deal

Horia Ungureanu, Tech Times 08 October 2015, 06:10 am

Researchers with Palo Alto Networks just uncovered YiSpecter, the first malware apt at exploiting private APIs in iOS.

Most victims of the malicious software were Taiwanese and Chinese iPhone users. Both locked and unlocked versions of the smartphones were exposed. It is assumed that the numerous suspicious apps that plague the Chinese networks are connected to the infection. The initial spotting of the malware happened more than 10 months ago.

After YiSpecter infiltrates an iPhone, the malware downloads, installs and launches applications. It can go as far as replacing previous software in the process. Its hostile actions include changing the Safari settings and feeding the user's data to hackers on remote servers. A signature move of the software is that, when opening standard apps, the display is blocked by full screen ads. Simply deleting the malware fixes nothing, as the destructive program reappears on its own if it's not annihilated by an anti-virus.

Shortly after it received the notice from the digital security researchers, Apple made an official statement about the problem.

"This issue only impacts users on older versions of iOS who have also downloaded malware from untrusted sources," declared an Apple representative.

"We addressed this specific issue in iOS 8.4 and we have also blocked the identified apps that distribute this malware. We encourage customers to stay current with the latest version of iOS for the latest security updates." The spokesperson pointed out that users are strongly encouraged to use verified sources, such as the App Store, when downloading software.

In the last period, the Cupertino-based company proved increasingly vulnerable to cyber threats.

Earlier in September, the XcodeGhost malware affected a couple of Chinese products from the Apple Store. It did so by using a customized version of the Xcode development instrument. The difference between the malevolent software is that YiSpecter did not gain access to the Apple Store.

No information is public about the number of users affected by YiSpecter in China and Taiwan. Preliminary conclusions indicate that a Chinese mobile advertisement platform could be behind the malware. Apple investigates the matter after it was informed by Palo Alto Networks.

As the iPhone producer claims to provide one of the most secure devices, the two security breaches shake the confidence in Apple's famous resilience to hacking.