The first iOS malware has been discovered

Your iPhone isn’t as safe from viruses as you thought. A security firm has confirmed the existence of iOS malware that can infect even non-jailbroken phones.

Security company Palo Alto Networks announced it found a Trojan that exploits flaws in Apple’s DRM without needing to abuse enterprise certificates, and they’re calling it “AceDeceiver.” Currently, AceDeceiver only activates when the device’s geotag is in China.

How the malware works is a little complicated. According to Palo Alto Networks, AceDeceiver uses a mechanism called FairPlay Man-in-the-Middle, in which attackers purchase an app and save the authorization code it needs to run on an iOS device. People who download the client AiSiHelper, a program that mimics iTunes, end up with an infected computer. When they plug in their iOS device, the attackers can send the saved authorization code to trick the device into believing it purchased the app, and the device then downloads it.

Once the app has been downloaded to a victim’s phone, it prompts them for their Apple ID and password, which the attackers then have access to.
