IOS

New AceDeceiver Malware Affects Non-Jailbroken iOS Devices: Researchers

sristy
By sristy 3 Min Read
New AceDeceiver Malware Affects Non-Jailbroken iOS Devices: Researchers

Researchers claim to have found a new strain of malware that can infect a large pool of iPhone and iPad devices. The iOS malware, dubbed AceDeceiver, is said to affect non-jailbroken devices without the user’s knowledge. Apple has reportedly pulled three apps from the App Store that were believed to be from the AceDeceiver family.

AceDeceiver was designed to exploit a flaw in Apple’s FairPlay digital rights management (DRM) protection mechanism, reports security firm Palo Alto Networks. The DRM technology protects unauthorised download of apps and other content on the company’s App Store by authenticating the purchase. The researchers say that there’s a flaw in the authorisation process, which vicious minds behind AceDeceiver exploited.

The attackers were able to intercept a special code required by Apple for authorisation and used a compromised Windows application called Aisi Helper to simulate iTunes to trick iOS device into believing that the app or any other content was purchased from Apple’s store. Attackers would then silently install AceDeceiver to the iOS device. Three compromised apps were uploaded to the App Store between July 2015 and February 2016, reports Palo Alto Networks.

“AceDeceiver is the first iOS malware we’ve seen that abuses certain design flaws in Apple’s DRM protection mechanism — namely FairPlay — to install malicious apps on iOS devices regardless of whether they are jailbroken,” Claud Xiao, a security researcher from Palo Alto Networks wrote in a blog post.

This is not the first iOS malware that we have seen in the recent times. Researchers found a strain of malware called YiSpecter that targeted jailbroken as well as non-jailbroken devices in Taiwan and China. The app, however, leveraged private APIs that are signed with enterprise certificates to look authentic.

As for AceDeceiver, Palo Alto Networks note that only users in China seem to be affected for now. However, it adds, that with slight tweaks, users in other regions can also be targeted.

“Our analysis of AceDeceiver leads us to believe FairPlay MITM attack will become another popular attack vector for non-jailbroken iOS devices – and thus a threat to Apple device users worldwide,” Xiao said.

Download the Gadgets 360 app for Android and iOS to stay up to date with the latest tech news, product reviews, and exclusive deals on the popular mobiles.

Tags: AceDeceiver, Apple, China, iOS, iPad, iPhone, Jailbreak, Malware, Mobiles, Security, Tablets, YiSpecter
[“source-Gadgets”]
TAGGED: , , , , , , ,
Previous Article Google Search App Gets New ‘Now on Tap’ Animations, Customisable Logo
Next Article Reproductive Health Tracker LoveCycles Secures Funding, Adds Hindi Language Support

Latest News

Tempering Chocolate Troubleshooting
Chocolate
Mental Health Tips For Family Caregivers Who Are Caring For Elderly Parents
FAMILY
What to Do After a Binge: A Therapist and Dietitian’s Perspectives
Chocolate
A Woman’s Guide to Gaining Muscle with Weight Training
LIFESTYLE
Differences Between Secondary and Primary Memory Difference between Primary and
TECH
Explore Asian & Pacific Islander Heritage with Google
PRODUCTIVITY
How to Surprise Mom on Mother’s Day: 12 Unique Ideas
Chocolate
Educating Your Children About the Value of Family
FAMILY
Lost your password?