Abuse of the iOS URL Scheme can potentially result in the loss of privacy, bill fraud, exposure to pop-up ads, and more.Read More
Our findings homed in on known vulnerabilities, IoT botnets with top vulnerability detections, and devices that are affected.
From April 1 to May 15, we observed that 30 percent of home networks had at least one vulnerability detection. A detection would mean that we found at least one connected device being accessed through a vulnerability in the network. Our scanning covered different operating systems (OSs), including Linux, Mac, Windows, Android, iOS, and other software development kit (SDK) platforms.
We covered iXintpwn/YJSNPI in a previous blog post and looked into how it renders an iOS device unresponsive by overflowing it with icons. This threat comes in the form of an unsigned profile that crashes the standard application that manages the iOS home screen when installed. The malicious profile also exploits certain features to make iXintpwn/YJSNPI more difficult to uninstall.
We recently discovered a new variant of iXintpwn/YJSNPI (detected by Trend Micro as IOS_YJSNPI.A) that uses a signed profile to conduct different attacks compared to its predecessor. IOS_YJSNPI.A is extracted from either of the two app stores—hxxp://m[.]3454[.]com and hxxp://m[.]973[.]com. Based on our analysis, this new variant’s main purpose is not to damage users’ operating systems, but to lure users into downloading repackaged apps.Read More
While iOS devices generally see relatively fewer threats because of the platform’s walled garden approach in terms of how apps are installed, it’s not entirely unbreachable. We saw a number of threats that successfully scaled the walls in 2016, from those that abused enterprise certificates to ones that exploited vulnerabilities to curtail Apple’s stringent control over its platforms.
This is further exemplified by iXintpwn/YJSNPI (detected by Trend Micro as TROJ_YJSNPI.A), a malicious profile that can render the iOS device unresponsive. It was part of the remnants of the work of a Japanese script kiddie who was arrested in early June this year.
While iXintpwn/YJSNPI seems currently concentrated in Japan, it won’t surprise anyone if it spreads beyond the country given how it proliferated in social media.Read More
The iOS ecosystem is usually described as a closed ecosystem, under the strict control of Apple. However, there are still ways to get around this tight control. Remember the Haima app? That method relied on enterprise certificates from Apple—which are costly, since the certificates needed are changed very frequently.
We are currently seeing how third-party app stores are improving. Recently, we saw an app that leads to a third-party app store being offered on the official iOS App Store. To evade detection, this app was concealed as a legitimate app. In at least one case, an app used for jailbreaking was available via this third-party app store.Read More