Click to Skip Ad
Closing in...
  1. AirPods Pro Prime Day Deal
    11:46 Deals

    AirPods Pro are back in stock at Amazon after selling out – and they’re $52 off

  2. Early Prime Day Deals
    08:06 Deals

    10 incredible early Prime Day deals that are about to end at Amazon

  3. Best Prime Day TV Deals
    16:38 Deals

    Best Prime Day TV deals: Samsung, LG, Vizio, and more

  4. Roomba Prime Day Deals
    11:20 Deals

    Amazon’s early Prime Day Roomba deals are so good, they’re starting to sell out

  5. Best Prime Day Apple Deals
    12:00 Deals

    Amazon Prime Day 2021: Best Apple deals




iPhone malware exists, but the risk is nothing like it is with Android

April 21st, 2014 at 9:55 AM
iOS 7 Unflod Baby Panda Malware

While most reports detail Android malware efforts from malicious parties looking to take advantage of Android’s popularity in order to steal personal data and money from users, iOS isn’t completely safe from malware. A Reddit user has discovered an application running in the background on an iOS device that turned out to be a malware application hunting for Apple IDs. However, there’s a big catch that allows the app to work: the attacked iOS devices have to be jailbroken first. Moreover, the user will have to download certain apps from untrusted sources after the jailbreak, to get this new piece of software.

“I’ve been having crashes in Snapchat and Google Hangouts starting within the last week or so, Reddit user tdvx wrote. “After uninstalling and reinstalling the last 30 tweaks I installed, nothing. So I opened up iCleaner and disabled every mobile substrate tweak, then re-enabled them in groups until I found the culprit. I can’t figure out what it does and google returns nothing. I’m keeping it disabled for now, but I’m just curious.”

The malicious app is called “Unflod Baby Panda,” which spread through Chinese iOS software sites, The Register reports. German security firm SektionEins says that the application listens in to SSL traffic, looking for Apple ID credentials. The firm believes that the app can also install other files on affected devices, which are yet to be discovered, but says that the malware can be manually cleared.

“Currently the jailbreak community believes that deleting the Unfold.dylib binary and changing the Apple IDs password afterwards is enough to recover from this attack,” the firm said. “However it is still unknown how the dynamic library ends up on the device in the first place and therefore it is also unknown if it comes with additional malware gifts.”

“We therefore believe that the only safe way of removal is a full restore, which means the removal and loss of the jailbreak.”

The good news for many iOS users is that the malware won’t work on most devices. In iOS 7.1, Apple patched the exploits used to jailbreak iOS 7, and hackers are yet to release a jailbreak version for iOS 7.1.

As of April 8, almost 60% of iOS devices were upgraded to iOS 7.1.

Chris Smith started writing about gadgets as a hobby, and before he knew it he was sharing his views on tech stuff with readers around the world. Whenever he's not writing about gadgets he miserably fails to stay away from them, although he desperately tries. But that's not necessarily a bad thing.




Popular News