
New malware can infect iPhones without requiring a jailbreak

Updated Dec 19th, 2018 9:14PM EST


The iPhone is generally safer than Android when it comes to malware infections, though Apple’s smartphone isn’t impervious to such threats. We’ve seen various malware attacks in the past, some of them targeting jailbroken iPhones, others abusing older versions of Apple’s Xcode to sneak malicious apps into the App Store.

A brand new malware strain was just discovered: a sneaky attack that not only fooled Apple’s app review team into allowing malware apps into the App Store, but that can also quietly install apps on any iOS device without the user’s explicit knowledge or permission. The device does not even need to be jailbroken for the attack to work.


Discovered by security researchers at Palo Alto Networks, the attack requires a PC to deploy the software. Called AceDeceiver, the malware is currently affecting users in China.

What the hackers managed to do was crack Apple’s FairPlay digital rights management (DRM) system with a technique called FairPlay Man-in-the-Middle, as shown in the image below.

In the FairPlay MITM attack, hackers purchase an app from the store and then intercept and save the authorization code, which Apple sends over to a PC each time an app purchase procedure is initiated.

Furthermore, the hackers created PC software that simulates the iTunes client and tricks iOS devices into believing that the malicious iOS app about to be downloaded is a genuine purchase. This is how malicious apps can end up on iOS devices without the user knowing what happened: he or she would see the new app icon, but only after the installation.
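The two paragraphs above describe a replay problem: an authorization code issued for one legitimate purchase is captured on the PC and later presented to a different device by a fake iTunes client. The following toy model is an added example written for this article; it is not code from BGR, Palo Alto Networks or Apple, and it does not model the real FairPlay protocol, keys or message formats. All names (the store key, app and device identifiers, the `issue_*` and `install_*` functions) are constructed for illustration. It contrasts a store authorization bound only to the purchase, which a captured copy can replay to any device, with one bound to the requesting device and a single-use nonce, which fails both on another device and on a second use.

```python
import hashlib
import hmac
import json
import os
from dataclasses import dataclass, field

# Constructed toy signing key; stands in for whatever secret the store uses to
# vouch for a purchase. Nothing here reflects Apple's actual FairPlay design.
STORE_KEY = b"constructed-store-signing-key"


def _sign(payload: dict) -> str:
    """Store-side MAC over a canonical JSON encoding of the authorization payload."""
    msg = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(STORE_KEY, msg, hashlib.sha256).hexdigest()


def issue_weak_authorization(app_id: str, account: str) -> dict:
    """Weak design: the code says only 'this account bought this app'.
    Anything that observes it on the PC can present it to any device."""
    payload = {"app": app_id, "account": account}
    return {"payload": payload, "sig": _sign(payload)}


def issue_bound_authorization(app_id: str, account: str, device_id: str, nonce: str) -> dict:
    """Hardened design: the code is tied to one device and to a nonce that the
    device itself generated for this single installation."""
    payload = {"app": app_id, "account": account, "device": device_id, "nonce": nonce}
    return {"payload": payload, "sig": _sign(payload)}


@dataclass
class Device:
    device_id: str
    installed: list = field(default_factory=list)
    pending_nonces: set = field(default_factory=set)

    def install_weak(self, auth: dict, app_id: str) -> bool:
        # The device only checks that the store signed an authorization for this app.
        p = auth["payload"]
        if p.get("app") != app_id:
            return False
        if not hmac.compare_digest(auth["sig"], _sign(p)):
            return False
        self.installed.append(app_id)
        return True

    def fresh_nonce(self) -> str:
        # Challenge the device hands to the client before a purchase is authorized.
        n = os.urandom(8).hex()
        self.pending_nonces.add(n)
        return n

    def install_bound(self, auth: dict, app_id: str) -> bool:
        p = auth["payload"]
        if p.get("app") != app_id or p.get("device") != self.device_id:
            return False                       # issued for a different device
        if p.get("nonce") not in self.pending_nonces:
            return False                       # not requested by this device, or already used
        if not hmac.compare_digest(auth["sig"], _sign(p)):
            return False                       # payload was tampered with after signing
        self.pending_nonces.discard(p["nonce"])  # single use: a replay will now fail
        self.installed.append(app_id)
        return True


def run_scenario() -> dict:
    """Legitimate purchase on device A, then the captured code replayed to device B
    and back to device A, under both designs. Returns the install outcomes."""
    app, account = "com.example.wallpaper", "buyer@example.com"   # constructed values
    victim_a, other_b = Device("device-A"), Device("device-B")

    weak = issue_weak_authorization(app, account)       # observed once on the PC
    results = {
        "weak_legit": victim_a.install_weak(weak, app),
        "weak_replay_other_device": other_b.install_weak(weak, app),
    }

    nonce_a = victim_a.fresh_nonce()
    bound = issue_bound_authorization(app, account, victim_a.device_id, nonce_a)
    results["bound_legit"] = victim_a.install_bound(bound, app)
    results["bound_replay_other_device"] = other_b.install_bound(bound, app)
    results["bound_replay_same_device"] = victim_a.install_bound(bound, app)
    return results


if __name__ == "__main__":
    for name, ok in run_scenario().items():
        print(f"{name}: {'installed' if ok else 'rejected'}")
```

The point of the model is the gap between "the store authorized this purchase" and "the store authorized this purchase for this device, this once": only the second property stops a code captured from one transaction from being presented elsewhere by a client that merely looks like iTunes.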

Palo Alto Networks discovered that from July 2015 to February 2016, three AceDeceiver iOS apps were accepted into the official iOS App Store, posing as wallpaper apps and supplying attackers with the fake authorization codes needed for this attack. The apps bypassed Apple’s review team at least seven times by using a handy trick: the app uses geofencing to target its attacks, tailoring its behavior to the user’s geographical region. In these cases, the apps only exhibited malicious behavior for users located in China.

Apple removed the apps, but the AceDeceiver attack remains a danger to Chinese iPhone users, as the hackers still have authorization codes from Apple.

The second part of the assault that installs malicious code on iPhones is a Windows app that’s supposedly helping users manage their iOS devices. Called Aisi Helper, the app touts reinstall, jailbreak, system backup, device management and system cleaning powers.

But it is this app, working in combination with the stolen certificates, that can silently install malicious iOS applications on the iPhone. The malicious apps provide a link to a third-party app store, where unsuspecting users could be fooled into entering their Apple ID credentials.

More details about this new iPhone threat are available at the source link.

Chris Smith Senior Writer
