AceDeceiver: A new iOS malware can infect even non-jailbroken devices without user confirmation.
AceDeceiver is fundamentally different from the latest malicious software for iOS because it exploits problems in Apple's DRM software and does not abuse business certificates, a common trick that has been using iOS malware for about two years.
AceDeceiver is the first malware for iOS to exploit flaws in FairPlay, Apple's DRM protection system to install malicious apps on iOS devices, whether or not jailbroken is. (Does not require root)
Apple naturally removed AppEceiver from App Store, but malware is still spreading, according to Palo Alto Networks security researchers who discovered it.
The malware only needed the App Store once to spread, simply requiring the victim to install an app on their computer. After that, the infection of iOS devices is completed at background, χωρίς την επίγνωση του χρήστη και με μόνη ένδειξη ένα νέο εικονίδιο στην αρχική οθόνη της devices that the user does not remember that he downloaded it.
The hacking technique that usesται από το AceDeceiver, ονομάζεται “FairPlay Man-in-the-middle (MITM)”, and has been used to install pirated apps on iOS since 2013. But this is the first time it has been used to spread malware.
Three different iOS apps containing AceDeceiver were uploaded to Apple's official App Store between July 2015 and February 2016. All three were apps for wallpapers.
These applications managed to bypass Apple's security measures at least seven times, according to Palo Alto. AceDeceiver's success provides evidence that hackers have developed new techniques to bypass Apple's app code review process before climbing into the App Store.