• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   iOS

Identifying Top Vulnerabilities in Networks: Old Vulnerabilities, IoT Botnets, Wireless Connection Exploits
  • Posted on:May 29, 2018 at 3:00 am
  • Posted in:Internet of Things, Vulnerabilities
  • Author:
    Trend Micro
0

Our findings homed in on known vulnerabilities, IoT botnets with top vulnerability detections, and devices that are affected.
From April 1 to May 15, we observed that 30 percent of home networks had at least one vulnerability detection. A detection would mean that we found at least one connected device being accessed through a vulnerability in the network. Our scanning covered different operating systems (OSs), including Linux, Mac, Windows, Android, iOS, and other software development kit (SDK) platforms.

Read More
Tags: androidApplebotnetiOSMobile

App Stores that Formerly Coddled ZNIU Found Distributing a New iXintpwn/YJSNPI Variant
  • Posted on:November 2, 2017 at 5:00 am
  • Posted in:Bad Sites, Malware, Mobile
  • Author:
    Mobile Threat Response Team
0

We covered iXintpwn/YJSNPI in a previous blog post and looked into how it renders an iOS device unresponsive by overflowing it with icons. This threat comes in the form of an unsigned profile that crashes the standard application that manages the iOS home screen when installed. The malicious profile also exploits certain features to make iXintpwn/YJSNPI more difficult to uninstall.

We recently discovered a new variant of iXintpwn/YJSNPI (detected by Trend Micro as IOS_YJSNPI.A) that uses a signed profile to conduct different attacks compared to its predecessor. IOS_YJSNPI.A is extracted from either of the two app stores—hxxp://m[.]3454[.]com and hxxp://m[.]973[.]com. Based on our analysis, this new variant’s main purpose is not to damage users’ operating systems, but to lure users into downloading repackaged apps.

Read More
Tags: androidapp storesiOSMalwareMobile

iXintpwn/YJSNPI Abuses iOS’s Config Profile, can Crash Devices
  • Posted on:September 18, 2017 at 3:05 am
  • Posted in:Mobile
  • Author:
    Trend Micro
0

While iOS devices generally see relatively fewer threats because of the platform’s walled garden approach in terms of how apps are installed, it’s not entirely unbreachable. We saw a number of threats that successfully scaled the walls in 2016, from those that abused enterprise certificates to ones that exploited vulnerabilities to curtail Apple’s stringent control over its platforms.

This is further exemplified by iXintpwn/YJSNPI (detected by Trend Micro as TROJ_YJSNPI.A), a malicious profile that can render the iOS device unresponsive. It was part of the remnants of the work of a Japanese script kiddie who was arrested in early June this year.

While iXintpwn/YJSNPI seems currently concentrated in Japan, it won’t surprise anyone if it spreads beyond the country given how it proliferated in social media.

Read More
Tags: AppleiOSiOS Configuration ProfileiXintpwnYJSNPI

Third-Party App Stores Delivered via the iOS App Store
  • Posted on:March 23, 2017 at 6:00 am
  • Posted in:Malware, Mobile
  • Author:
    Lilang Wu (Mobile Threat Response Engineer)
0

The iOS ecosystem is usually described as a closed ecosystem, under the strict control of Apple. However, there are still ways to get around this tight control. Remember the Haima app? That method relied on enterprise certificates from Apple—which are costly, since the certificates needed are changed very frequently.

We are currently seeing how third-party app stores are improving. Recently, we saw an app that leads to a third-party app store being offered on the official iOS App Store. To evade detection, this app was concealed as a legitimate app. In at least one case, an app used for jailbreaking was available via this third-party app store.

Read More
Tags: iOSthird-party app store

In Review: 2016’s Mobile Threat Landscape Brings Diversity, Scale, and Scope
  • Posted on:January 18, 2017 at 12:07 am
  • Posted in:Malware, Mobile
  • Author:
    Mobile Threat Response Team
0

65 million: the number of times we’ve blocked mobile threats in 2016. By December 2016, the total number of unique samples of malicious Android apps we’ve collected and analyzed hit the 19.2 million mark—a huge leap from the 10.7 million samples collected in 2015.

Indeed, the ubiquity of mobile devices among individual users and organizations, along with advances in technologies that power them, reflect the exponential proliferation, increasing complexity and expanding capabilities of mobile threats.

While the routines and infection chain of mobile threats are familiar territory, 2016 brought threats with increased diversity, scale, and scope to the mobile landscape. More enterprises felt the brunt of mobile malware as BYOD and company-owned devices become more commonplace, while ransomware became rampant as the mobile user base continued to become a viable target for cybercriminals. More vulnerabilities were also discovered and disclosed, enabling bad guys to broaden their attack vectors, fine-tune their malware, increase their distribution methods, and in particular, invade iOS’s walled garden.

Read More
Tags: androidbanking TrojaniOSMobilemobile ransomware
Page 1 of 512 › »

Security Predictions for 2019

  • Our security predictions for 2019 are based on our experts’ analysis of the progress of current and emerging technologies, user behavior, and market trends, and their impact on the threat landscape. We have categorized them according to the main areas that are likely to be affected, given the sprawling nature of the technological and sociopolitical changes under consideration.
    Read our security predictions for 2019.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Drupal Vulnerability (CVE-2019-6340) Can Be Exploited for Remote Code Execution
  • Linux Coin Miner Copied Scripts From KORKERDS, Removes All Other Malware and Miners
  • Google Play Apps Drop Anubis Banking Malware, Use Motion-based Evasion Tactics
  • Identifying Top Vulnerabilities in Networks: Old Vulnerabilities, IoT Botnets, Wireless Connection Exploits
  • Monero Miner-Malware Uses RADMIN, MIMIKATZ to Infect, Propagate via Vulnerability

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.