A new piece of malware targeting jailbroken Apple iOS devices has appeared. The malware targets users' credentials and was first discovered by Reddit users.
The Reddit Jailbreak community discovered the malware and named it "Unflod Baby Panda." The malicious software was found on some jailbroken Apple iOS devices last Thursday, when some users noticed unusual activity that caused apps such as Snapchat and Google Hangouts to crash.
A little later, a developer discovered a mysterious file named "Unflod.dylib" on his jailbroken device and found that it collects Apple IDs and passwords from all connections on the infected device that use Secure Socket Layer (SSL) to encrypt their communications. According to researchers at the German security firm SektionEins, the malware is believed to be spreading through Chinese iOS software websites.
The researchers found that the login information collected by the malware was sent to a server with the IP address 23.88.10.4, which was apparently managed by the Chinese. Continuing the investigation, they discovered that the malware is digitally signed by Wang Xin, as reported by THN.
"Currently, the Reddit Jailbreak community believes that deleting the Unflod.dylib binary and changing your Apple ID password is enough to stop this attack. However, it is still unknown how the malware was found on the infected devices and therefore it is unknown whether in addition to this it has another payload (useful for hackers)," write the researchers.
"We therefore believe that the only safe way to remove it is a complete restore of the device, which means that you will lose the jailbreak."
Devices Affected
Owners of an iPhone 5 or any other jailbroken 32-bit iOS device may be affected by the malicious software. Owners of these devices will need to change their Apple ID password immediately after removing the malicious software using the steps listed below.
Owners of the latest devices with 64-bit processors, such as the iPhone 5S, iPad Air and iPad Mini Retina, are not at risk from this malware.
How to Remove Malware
- Download the free application iFile from Cydia.
- Go to /Library/MobileSubstrate/DynamicLibraries/
- If you find files named Unflod.dylib, Unflod.plist, framework.dylib or framework.plist, then you are infected.
- Use iFile to delete Unflod.dylib, Unflod.plist, framework.dylib and framework.plist.
- Restart your device and then change your Apple ID password and security questions.
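
The file check from the steps above can also be scripted, for example over SSH. This is an added example, not part of the original article or the researchers' tooling; the function name unflod_scan and its return codes are assumptions made for the example, and the demo directory is constructed.

```shell
#!/bin/sh
# Added example: scan a directory for the file names this article lists.
# Return codes (chosen for this example):
#   0 = none found, 1 = at least one found, 2 = directory missing
#   (for instance, MobileSubstrate is not installed).

UNFLOD_DIR="/Library/MobileSubstrate/DynamicLibraries"   # path from the article
UNFLOD_NAMES="Unflod.dylib Unflod.plist framework.dylib framework.plist"

unflod_scan() {
    dir="${1:-$UNFLOD_DIR}"
    [ -d "$dir" ] || { echo "directory not found: $dir" >&2; return 2; }
    found=0
    for name in $UNFLOD_NAMES; do
        # -e follows symlinks; -L also catches a dangling symlink by that name
        if [ -e "$dir/$name" ] || [ -L "$dir/$name" ]; then
            echo "FOUND: $dir/$name"
            found=1
        fi
    done
    return "$found"
}

# Demo on a constructed directory (not a real device): one listed file
# next to an unrelated, hypothetical tweak.
demo_dir="$(mktemp -d)"
: > "$demo_dir/Unflod.dylib"
: > "$demo_dir/SomeTweak.dylib"
status=0
unflod_scan "$demo_dir" || status=$?
case "$status" in
    0) echo "no listed files found" ;;
    1) echo "listed files present: follow the removal steps" ;;
    2) echo "nothing to scan" ;;
esac
rm -rf "$demo_dir"
```

On a device, calling unflod_scan with no argument checks the directory named in the steps above.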
