Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.sys.mac.system > #81685
| From | nospam <nospam@nospam.invalid> |
|---|---|
| Newsgroups | alt.comp.freeware, comp.sys.mac.system, alt.hacker, alt.privacy.anon-server, comp.os.linux.advocacy |
| Subject | Re: YiSpecter Malware Targets Non-Jailbroken iOS Devices |
| Date | 2015-10-05 19:36 -0400 |
| Organization | A noiseless patient Spider |
| Message-ID | <051020151936059090%nospam@nospam.invalid> (permalink) |
| References | <c6e99f3bdea56102996b09469de159ad@foto.nl1.torservers.net> <d7frg4Fbto2U7@mid.individual.net> |
Cross-posted to 5 groups.
In article <d7frg4Fbto2U7@mid.individual.net>, Jolly Roger <jollyroger@pobox.com> wrote: > > Apple's iOS mobile operating system is under attack in China and > > Taiwan, according to security firm Palo Alto Networks. > > > > The company identified malware, dubbed YiSpecter, which?unlike > > most other malware affecting iOS devices?can target non- > > jailbroken iPhones and iPads. > > > > http://www.pcmag.com/article2/0,2817,2492540,00.asp > > YiSpecter uses an enterprise provisioning certificate, which is designed > to give enterprises a way to bypass the App Store and associated > approval processes to easily distribute apps to employees of a company. > They also allow companies to set key rules like lock screen password or > PIN security and other policies. Enterprise certificates cost the > developer $500 a year and will be revoked by Apple if they are caught > abusing them. > > The apps in question require the user to first install an Enterprise > provisioning certificate, which iOS presents as an UNTRUSTED certificate > that requires the user to actively tap "Trust" to continue. Users can > also list and manage installed provisioning profiles in Settings > > General > Profiles. > > Assuming the user installed this untrusted provisioning profile, the > user must then download the offending app that must be signed by the > same certificate - so that one company's apps cannot be installed via > another company's certificate - from some place *other* than the Apple > App Store. > > Enterprise certificates automatically expire after one year. So the user > will have to download and "Trust" another certificate (assuming Apple > allows another to be created) for every year afterward. > > Apple to revoke said certificate in 3... 2... 1... apple said the issue was fixed months ago in ios 8.4: This issue only impacts users on older versions of iOS who have also downloaded malware from untrusted sources. We addressed this specific issue in iOS 8.4 and we have also blocked the identified apps that distribute this malware. We encourage customers to stay current with the latest version of iOS for the latest security updates. We also encourage them to only download from trusted sources like the App Store and pay attention to any warnings as they download apps
Back to comp.sys.mac.system | Previous | Next — Previous in thread | Next in thread | Find similar
YiSpecter Malware Targets Non-Jailbroken iOS Devices Anonymous <anonymous@foto.nl1.torservers.net> - 2015-10-05 13:32 -0400
Re: YiSpecter Malware Targets Non-Jailbroken iOS Devices Jolly Roger <jollyroger@pobox.com> - 2015-10-05 17:48 +0000
Re: YiSpecter Malware Targets Non-Jailbroken iOS Devices Lloyd Parsons <lloydp211@gmail.com> - 2015-10-05 17:58 +0000
Re: YiSpecter Malware Targets Non-Jailbroken iOS Devices Big Bad Bob <BigBadBob-at-mrp3-dot-com@testing.local> - 2015-10-05 15:17 -0700
Re: YiSpecter Malware Targets Non-Jailbroken iOS Devices Jolly Roger <jollyroger@pobox.com> - 2015-10-05 22:30 +0000
Re: YiSpecter Malware Targets Non-Jailbroken iOS Devices nospam <nospam@nospam.invalid> - 2015-10-05 19:36 -0400
Re: YiSpecter Malware Targets Non-Jailbroken iOS Devices Jolly Roger <jollyroger@pobox.com> - 2015-10-06 00:08 +0000
Re: YiSpecter Malware Targets Non-Jailbroken iOS Devices Savageduck <savageduck1@{REMOVESPAM}me.com> - 2015-10-05 13:11 -0700
csiph-web