A Bite Out Of Apple
Cybersecurity research company, Palo Alto Networks, have discovered a flaw in the Apple iOS system. Their research team showed their results on Wednesday and they said that the new malware might even affect Apple devices that are not jailbroken.
The newly discovered malware can affect even those Apple devices that are not considered to be tampered with, “jailbroken devices.” A jailbroken device is one whereby the system is modified without Apple’s consent and knowledge. This allows the owner of the jailbroken device access to applications that are not available at the Apple Store. As you would expect Apple discourages users from jailbreaking their devices as it puts them at greater risk of security of vulnerabilities as it would not be able to protect the device if hit by malware.
However, the new malware that the research company has discovered, the AceDeceiver, can also affect those devices that are not jailbroken. This is a big worrying issue and a point of concern because this shows that hackers are finally finding a way through the once impenetrable iOS.
Hackers have primarily targeted Android in the yesteryears because it’s open and you can download apps from anywhere, but it shows now that they are also shifting their focus to the Apple software. This might also be because Apple products are very popular therefore being able to hack them would mean a big bounty for them.
A Difficult Time
The news comes at a time when security firm Bit9 + Carbon Black just showed results of findings that showed that the number of affected iOS devices that were affected in 2015 were higher than the number of the five years before that in total. You can add this malware to the 2016 list also. The only good part so far is that the AceDeceiver malware only affects users in China.
For the malware to be able to spread to an iOS device, users would have installed a corrupted program on Windows powered computers which claims to help and manage their iOS device. The malicious program instead installs “malicious apps on any iOS device that is connected to the computer. In essence, for the device to spread there has to be the connection with a PC. The AceDeceiver then asks users to give their Apple ID and passwords which give them access to private information.
Apple has removed all bogus applications from the App Store, but research shows that these can still be used from Windows. This malicious software only requires that the apps have been available on the AppStore before. Apple will possibly do something about the malicious app and could not be reached for comment.
Of course, there’s no harm in getting a VPN to protect your iOS device. In fact, we would strongly recommend it.
