A new iOS trojan has been found in the wild that’s able to infect non-jailbroken iOS devices through PCs without the need to exploit an enterprise certificate. That makes this trojan really, really, dangerous.
Discovered by Palo Alto Networks, the trojan dubbed “AceDeceiver” infects an iOS device by taking advantage of flaws in FairPlay, Apple’s digital rights management (DRM) system. It uses a technique called “FairPlay Man-in-the-Middle,” which has been used to spread pirated iOS apps in the past by using fake iTunes software and spoofed authorization codes to get the apps on iOS devices. My first thought is why this flaw is still available for use by evil doers if it has been leveraged before.
Though Apple removed the apps from the App Store in February, the attack remains active because attackers still have the authorization code. That’s a #fail. AceDeceiver only affects users in China, but Palo Alto Networks believes the AceDeceiver trojan or similar malware could spread around to additional regions.
Over to you Apple. What are you doing to protect users from this rather dangerous threat?
Related
This entry was posted on March 16, 2016 at 4:06 pm and is filed under Commentary with tags Apple. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Extremely Dangerous iOS Trojan In The Wild
A new iOS trojan has been found in the wild that’s able to infect non-jailbroken iOS devices through PCs without the need to exploit an enterprise certificate. That makes this trojan really, really, dangerous.
Discovered by Palo Alto Networks, the trojan dubbed “AceDeceiver” infects an iOS device by taking advantage of flaws in FairPlay, Apple’s digital rights management (DRM) system. It uses a technique called “FairPlay Man-in-the-Middle,” which has been used to spread pirated iOS apps in the past by using fake iTunes software and spoofed authorization codes to get the apps on iOS devices. My first thought is why this flaw is still available for use by evil doers if it has been leveraged before.
Though Apple removed the apps from the App Store in February, the attack remains active because attackers still have the authorization code. That’s a #fail. AceDeceiver only affects users in China, but Palo Alto Networks believes the AceDeceiver trojan or similar malware could spread around to additional regions.
Over to you Apple. What are you doing to protect users from this rather dangerous threat?
Share this:
Like this:
Related
This entry was posted on March 16, 2016 at 4:06 pm and is filed under Commentary with tags Apple. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.