TechSpot

AceDeceiver, a new family of iOS malware, can infect iPhones right out of the box

By Shawn Knight
Mar 17, 2016
Post New Reply
  1. Security firm Palo Alto Networks recently discovered what it's calling a new family of iOS malware that's capable of infecting non-jailbroken (stock) devices. It's being dubbed AceDeceiver and according to the firm, it's the first iOS malware they've seen that abuses design flaws in FairPlay, Apple's digital rights management (DRM) technology.

    Palo Alto Networks said three different iOS apps in the AceDeceiver family were uploaded to Apple's App Store between July 2015 and February of this year disguised as wallpaper apps. The company said Apple removed the offending apps last month when they were made aware of them but not before they passed Apple's code review at least seven times.

    Just to be clear, the technique that AceDeceiver utilizes – taking advantage of the aforementioned FairPlay flaw – isn't new. It's called FairPlay man-in-the-middle (MITM) and has been used since 2013 to spread pirated iOS apps; this just appears to be the first time it's been exploited to spread malware.

    Because the FairPlay MITM attack only requires apps to have been available in the App Store once, the attack is still viable according to the security firm. The good news is that AceDeceiver is only targeting users in mainland China but the target would be easy for an attacker to change at any time.

    A detailed look at AceDeceiver's method of spreading, attacking and implementation is available for review on Palo Alto Networks' blog.

    Image courtesy Xaume Olleros, Getty Images

    Permalink to story.

     
  2. stewi0001

    stewi0001 TS Evangelist Posts: 1,183   +528

    So is America hacking China now? XD
     
  3. mrvco

    mrvco TS Rookie

    Did we ever stop? #technoexperts
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...