Over the weekend, security site Palo Alto Networks detailed a new iOS malware that's able to infect non-jailbroken Apple devices using enterprise certificates and private APIs. It originated in Taiwan and China and was installed through several methods, including hijacking traffic from ISPs, an SNS worm on Windows, and offline app installation.
Called YiSpecter, the malware is able to download, install, and launch apps, doing things like replacing existing apps, displaying advertisements in legitimate apps, changing Safari's default engine, and uploading user information to remote servers.
/article-new/2015/10/yispecterpopupad.jpg?lossy)
In response to the detailing of YiSpecter, Apple has released an official statement to The Loop explaining that YiSpecter is only able to target iOS users who are running an older version of iOS that have also downloaded content from untrusted sources.
"This issue only impacts users on older versions of iOS who have also downloaded malware from untrusted sources. We addressed this specific issue in iOS 8.4 and we have also blocked the identified apps that distribute this malware. We encourage customers to stay current with the latest version of iOS for the latest security updates. We also encourage them to only download from trusted sources like the App Store and pay attention to any warnings as they download apps."
Apple implemented fixes for YiSpecter in iOS 8.4, so iOS 8.4.1 and iOS 9 are immune to the malware. Users who want to avoid being targeted by YiSpecter should make sure to upgrade to the latest version of iOS and as always, should avoid downloading apps from unverified sources.
Top Rated Comments
(View all)"Apple implemented fixes for YiSpecter in iOS 8.4, so iOS 8.4.1 and iOS 9 are immune to the malware."
Actually, it's not; it's a compound sentence. Compound sentences are made out of two independent clauses (e.g. "Apple implemented fixes for YiSpecter in iOS 8.4" and "iOS 8.4.1 and iOS 9 are immune to the malware"). Between the two clauses, the coordinating conjunction "so" is inserted. As the first clause clearly states, the fix was implemented in iOS 8.4.Macrumors:
You need to fix this. Not only is it a run-on sentence, I can't tell if fix was in 8.4 or 8.4.1
exactly. 8% is still literally tens of millions of users. you can just close your eyes and pretend they aren't there, or that it's only 8%, but they are there.
Meanwhile, Android and Windows Phone have left phones just a year old with no further patches...forever.You mean the < 8% of people still on iOS7?
exactly. 8% is still literally tens of millions of users. you can just close your eyes and pretend they aren't there, or that it's only 8%, but they are there.Does this affect iOS 7, iOS 6, iOS 5, iOS 4, or iOS 3?
A device that cannot upgrade past iOS3 isn't really Apple's target market. Of course, I guess going back FOUR GENERATIONS isn't enough for some people. Those people are more than welcome to go use any of the myriad Android devices that lose support after a few months.Lots of iOS devices cannot upgrade past those.
MacRumors has become the go to spot for Language and Literature experts....
We've really arrived in a sad place when simple middle school grammar is considered "language and literature expertise."