Trojan Affecting iOS: Both Jailbroken and Non-Jailbroken iOS Devices

Can you believe your ears that a Trojan is affecting iOS devices? Yes, it is true: as reported by Macrumors.com, a Trojan infection is running wild and infecting both jailbroken and non-jailbroken iOS devices in China. The attack, spotted in China, also involves a PC. Named “AceDeceiver”, this malware can infect any iOS device with the help of a PC. The Trojan is said to have been discovered by Palo Alto Networks, and so far it is affecting only China.

The most troubling part of this new iOS Trojan is that it can affect non-jailbroken iOS devices, which means it challenges and bypasses Apple’s DRM mechanism. AceDeceiver infects iOS devices by taking advantage of flaws in FairPlay, Apple’s DRM system, using a technique known as “FairPlay Man-in-the-Middle”. This technique has been used in the past to spread pirated iOS apps, with fake iTunes software and fake authorization codes used to get the apps onto iOS devices. AceDeceiver now uses the same technique to distribute malware to these devices.


As iOS users know, Apple lets them purchase and download iOS apps from the App Store through the iTunes client on their computer. The system works like a transaction done over internet banking: each time an app is installed on an iOS device, the device asks for an authorization code, and the code confirms that the specific app was purchased. In the FairPlay MITM attack, the attackers purchase an app from the App Store and save the authorization code. The next step is PC software that simulates the iTunes client's behavior. This makes the iOS device believe that the app was purchased by the victim's device, so a user can install apps they have not paid for. You may wonder what the developer gets out of simulating that software: he can install potentially unwanted programs on the device, and the user will not even get to know about it. Read more about this threat: http://www.macrumors.com/2016/03/16/acedeceiver-ios-trojan
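The replay weakness described above, as a simplified Python model added here; it is not Apple's FairPlay protocol and not code from the original article. All names (`STORE_KEY`, `REGISTERED`, `Device`, the app and device IDs) are hypothetical, and a shared-key HMAC stands in for whatever signature a real store would use. It contrasts a code that only says "this app was bought" with one bound to a registered device and a fresh challenge.

```python
import hashlib
import hmac
import secrets

STORE_KEY = secrets.token_bytes(32)      # constructed stand-in for the store's secret
REGISTERED = {"buyer": {"device-A"}}     # constructed: devices tied to each account

def _mac(*parts: bytes) -> bytes:
    return hmac.new(STORE_KEY, b"|".join(parts), hashlib.sha256).digest()

def issue_static(app_id: str) -> bytes:
    # Weak model: the code says only that the app was bought by someone.
    return _mac(app_id.encode())

def accept_static(app_id: str, code: bytes) -> bool:
    return hmac.compare_digest(_mac(app_id.encode()), code)

def issue_bound(account: str, app_id: str, device_id: str, nonce: bytes) -> bytes:
    # Hardened model: the store signs only for the buyer's own devices.
    if device_id not in REGISTERED.get(account, set()):
        raise PermissionError("device not registered to purchasing account")
    return _mac(app_id.encode(), device_id.encode(), nonce)

class Device:
    def __init__(self, device_id: str):
        self.device_id, self._nonce = device_id, None

    def challenge(self) -> bytes:
        self._nonce = secrets.token_bytes(16)   # fresh per install attempt
        return self._nonce

    def accept_bound(self, app_id: str, code: bytes) -> bool:
        nonce, self._nonce = self._nonce, None  # a challenge is single use
        expected = _mac(app_id.encode(), self.device_id.encode(), nonce or b"")
        return nonce is not None and hmac.compare_digest(expected, code)

def replay_demo() -> dict:
    buyer, victim = Device("device-A"), Device("device-B")
    saved = issue_static("app.example")         # one purchase, code saved
    code = issue_bound("buyer", "app.example", "device-A", buyer.challenge())
    try:                                        # forwarding another device's challenge
        issue_bound("buyer", "app.example", "device-B", victim.challenge())
        relay_refused = False
    except PermissionError:
        relay_refused = True
    return {"static_replay": accept_static("app.example", saved),
            "bound_replay": victim.accept_bound("app.example", code),
            "bound_legit": buyer.accept_bound("app.example", code),
            "relay_refused": relay_refused}
```

In this model the saved static code is accepted on any device, while the bound code works only on the registered device that issued the challenge, and only once.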

Recently there was another iPhone management app called “Aisi Helper”, which claimed to offer services such as system backup and cleaning. Most of the users in China installed it, and once it had become popular it started installing different malicious apps on the connected devices. As usual, to bait innocent users into entering their Apple IDs and passwords in such an app, the makers provided free content. Once that is achieved, AceDeceiver transfers all of the data to the hacker’s server.

When Apple got to know about this, it removed all of the apps associated with AceDeceiver from the App Store, but the malware attack remains active. So far this malware has affected only users in China, but there are sources who are supposed to spread it to the rest of the world. Currently AceDeceiver cannot work on older versions of iOS, but once it gets patched it will not be far away from your iOS device.

You can check out some discussions on Apple’s site here: https://discussions.apple.com/docs/DOC-2435

