New Malware 'YiSpecter' Discovered Attacking iOS Devices
Reports have emerged that a new type of malware dubbed the "YiSpecter" has been attacking iOS devices in China and Taiwan.
Following the "XcodeGhost" malware infestation on the Apple App Store last month, a new malware was discovered targeting iOS devices, either jailbroken or non-jailbroken.
Said to have been running wild since January this year, the iOS malware, known as the "YiSpecter," began infecting Apple devices in China and Taiwan, exploiting the brand's private API's to activate malicious functionalities.
According to cybersecurity company, Palo Alto Networks, "YiSpecter" has been found in older iOS versions, including in devices that have been used to download content from untrusted sources.
Once it is integrated into an iOS device, the "YiSpecter" begins installing unwanted apps, replacing legitimate software with the apps it has downloaded. It also changes users' default search engines and bookmarks, as well as forces existing apps to show full-screen ads on the device's display.
It also compromises a iOS devices' security by sending users' sensitive information to a central server, and despite detection and manual deletion, "YiSpecter" continues to automatically reappear on iOS devices.
Palo Alto has declared the "YiSpecter" to be unusual in that it misuses private APIs and enterprise certificates, which allows components of the malware to disguise themselves with logos and names of legitimate apps while continuing to multiply from a centralized server, thus infecting even more devices, and severely compromising iOS security.
Palo Alto further continued that only one in 57 VirusTotal security vendors have detected the "YiSpecter" even after a full scan.
Apple has since acknowledged the newly-identified malware but claims the "YiSpecter" isn't a huge threat and is unlikely to affect a majority of iOS devices.
The Cupertino, California company has announced the issue only impacts older iOS versions, and it has since blocked apps that have been identified to be distributing the "YiSpecter."
Apple further encouraged its customers to download the most recent iOS version to acquire the latest security updates and to only download from trusted sources, such as the Apple App Store.