AceDeceiver: A new iOS malware can infect even non-jailbroken devices without user confirmation.
AceDeceiver is fundamentally different from the latest malware για iOS επειδή αξιοποιεί προβλήματα στο software DRM της Apple και δεν κάνει κατάχρηση στα πιστοποιητικά των επιχειρήσεων, ένα κοινό τέχνασμα που χρησιμοποιούν τα iOS malware εδώ και δύο περίπου χρόνια.
AceDeceiver is the first iOS malware to exploit weaknesses in FairPlay, the system προστασίας DRM της Apple για να εγκαταστήσει κακόβουλες εφαρμογές στις iOS συσκευές, ανεξάρτητα από το αν είναι ή όχι jailbroken. (Δεν απαιτεί root)
Apple naturally removed AppEceiver from App Store, but malware is still spreading, according to Palo Alto Networks security researchers who discovered it.
Malware needed the App Store only once to spread, simply requiring the victim to install an application on his computer. After that, iOS device infestation is completed in the background without the user's awareness and with the only indication of a new icon on the home screen of the device that the user does not remember that it has lowered it.
The hacking technique used by AceDeceiver is called "FairPlay Man-in-the-middle (MITM)", and has been used to install pirated applications on iOS since 2013. But this is the first time it has been used to spread malware .
Three different iOS apps containing AceDeceiver were uploaded to Apple's official App Store between July 2015 and February 2016. All three were apps for wallpapers.
These apps managed to bypass Apple's security measures at least seven times, according to Palo Alto. AceDeceiver's success provides data which prove that hackers have developed new techniques to bypass Apple's code review process for apps before they are uploaded to the App Store.