
First iOS Malware AceDeceiver !!

So you thought your iPhone was safe, that iOS is malware-proof. Sorry to break your heart, all you Apple fanboys. According to the latest reports, the iPhone isn’t as safe from viruses as was once believed. A security firm has reported the existence of iOS malware that can infect even fresh, out-of-the-box, non-jailbroken phones.

Palo Alto Networks, a leading security company, recently announced that it found a Trojan that exploits flaws in Apple’s Digital Rights Management (DRM) scheme, and does so without needing to abuse enterprise certificates. The malware is being called “AceDeceiver.” A slight reprieve for now is that AceDeceiver only gets activated when the iOS device’s geotag is set to China.

Not much is clear about how the malware works. But according to Palo Alto Networks, AceDeceiver uses a mechanism known as FairPlay Man-in-the-Middle (MITM), where attackers purchase apps beforehand and save the authorisation codes needed for the apps to work on an iOS device. Users who download the client AiSiHelper, a program that is extremely similar to iTunes, unknowingly turn their own machine into an infected computer. When they next plug in their iOS device, attackers can send an authorisation code to trick the victim’s device into believing it purchased the app, which then gets downloaded. Once the infected app has been downloaded onto a victim’s phone, a prompt comes up asking the user for their Apple ID and password, which the attackers then get access to.

According to Palo Alto Networks, the method used in AceDeceiver has been used to pirate apps before, but this is the first time FairPlay MITM has been used maliciously. It also said that because this method is extremely simple, it is likely to be copied by other attackers. AceDeceiver is right now only effective in China but could easily be changed to work in other regions of the world, and the security company said its region-locked activation makes it harder for Apple or security firms to discover.

Palo Alto Networks said that it notified Apple about AceDeceiver in late February and the AceDeceiver apps were promptly removed from the App Store. But one never knows. There might be many other similar malware apps already floating around working on a similar method.

 

Here’s a video by David Iannuzzi

What are your views? Please comment!

About Harshit Gupta
