Hot off the heels of an XcodeGhost malware that infected over 40 popular Chinese apps, security firm, Palo Alto Networks, recently discovered yet another malware for iOS devices called YiSpecter. The malware exploit private APIs in iOS, and affects mostly users in China and Taiwan. Apple says that they are aware of the issue, and it has already been resolved in iOS 8.4.
According to Palo Alto Networks, the exploit will work on both jailbroken and non-jailbroken iOS devices. Once infected, YiSpecter can replace legitimate apps with malwares, force apps to display full-screen ads, change bookmarks and default search engines in Safari, and steal user information.
Don’t be too worried though, if you are running on the latest version of iOS, you should be safe from the attack. Apple confirms that they have already patched the exploit since iOS 8.4 update. For those who are running on iOS 8.3 and older, YiSpecter can only affect a device if users download apps from untrusted sources.
“This issue only impacts users on older versions of iOS who have also downloaded malware from untrusted sources. We addressed this specific issue in iOS 8.4 and we have also blocked the identified apps that distribute this malware. We encourage customers to stay current with the latest version of iOS for the latest security updates. We also encourage them to only download from trusted sources like the App Store and pay attention to any warnings as they download apps.” – Apple said in a statement.
Malware on your personal mobile devices can be a very scary thing, which is why you should keep your devices updated, and try not to jailbreak your iOS devices.