A new iOS Trojan has been found in the wild that's able to infect non-jailbroken iOS devices through PCs without the need to exploit an enterprise certificate. Named "AceDeceiver," the malware was discovered by Palo Alto Networks and is currently affecting iOS users in China.

AceDeceiver infects an iOS device by taking advantage of flaws in FairPlay, Apple's digital rights management (DRM) system. According to Palo Alto Networks, it uses a technique called "FairPlay Man-in-the-Middle," which has been used to spread pirated iOS apps in the past by using fake iTunes software and spoofed authorization codes to get the apps on iOS devices. The same technique is now being used to spread the AceDeceiver malware.

Apple allows users to purchase and download iOS apps from their App Store through the iTunes client running in their computer. They then can use the computers to install the apps onto their iOS devices. iOS devices will request an authorization code for each app installed to prove the app was actually purchased. In the FairPlay MITM attack, attackers purchase an app from App Store then intercept and save the authorization code.

From July of 2015 to February of 2016, three AceDeceiver iOS apps were uploaded to the official iOS App Store, posing as wallpaper apps and providing attackers with a fake authorization code to use in the AceDeceiver attacks. A Windows iPhone management app called "Aisi Helper" that claimed to provide services like system backup and cleaning was installed by users in China, and it went on to install malicious iOS apps on connected devices offering a third-party App Store with free content as bait. The third-party App Store app requested users to input their Apple ID and password, information that was uploaded to the AceDeceiver server.

Though Apple removed the apps from the App Store in February, the attack remains active because attackers still have the authorization code. AceDeceiver only affects users in China, but Palo Alto Networks believes the AceDeceiver Trojan or similar malware could spread around to additional regions. It is especially insidious as it has not been patched (and could work on older versions of iOS even when patched), installs apps automatically from an infected computer, and does not require an enterprise certificate.

Image: An AceDeceiver third-party App Store app installed automatically on an iOS device through a computer using the Aisi Helper Malware

AceDeceiver in its current incarnation requires users to download the Aisi Helper Windows app to their computers before the malware can spread to iOS devices, so people who have downloaded this software should remove it immediately and change their Apple ID passwords. In the future, AceDeceiver can be avoided by not downloading suspicious software.

Palo Alto Networks has a full rundown of AceDeceiver, its history, and how it works on the Palo Alto Networks website. It's well worth reading for anyone who wants more information about the malware.

Original topic: 'AceDeceiver' iOS Trojan Spotted in China, Bypasses Apple's DRM Mechanism || Author: ahlam1399
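The replay weakness the article describes, as an added example that is not from the article or from Palo Alto Networks: a simplified Python model, not Apple's FairPlay protocol, contrasting an authorization code that depends only on the app with one bound to a device and a fresh challenge. All names, the key and the app identifier are constructed, and the shared HMAC key stands in for whatever signature scheme a real design would use.

```python
import hashlib
import hmac
import secrets

STORE_KEY = b"constructed-demo-key"  # constructed; stands in for the store's signing key


def _mac(*fields: bytes) -> bytes:
    # Length-prefix each field so different field splits cannot collide.
    msg = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(STORE_KEY, msg, hashlib.sha256).digest()


def issue_static_code(app_id: str) -> bytes:
    """Weak model: the code depends only on the app, so it never changes."""
    return _mac(app_id.encode())


def device_accepts_static(app_id: str, code: bytes) -> bool:
    """Weak check: anyone holding a saved code for app_id passes, on any device."""
    return hmac.compare_digest(code, issue_static_code(app_id))


def issue_bound_code(app_id: str, device_id: str, nonce: bytes) -> bytes:
    """Hardened model: the code covers the app, the device and a fresh challenge."""
    return _mac(app_id.encode(), device_id.encode(), nonce)


def device_accepts_bound(app_id: str, device_id: str, nonce: bytes, code: bytes) -> bool:
    """The device checks the code against its own identity and its own nonce."""
    return hmac.compare_digest(code, issue_bound_code(app_id, device_id, nonce))


def replay_outcomes() -> dict:
    app = "com.example.wallpaper"  # constructed app identifier
    # One legitimate purchase; an intermediary saves both responses.
    saved_static = issue_static_code(app)
    nonce_a = secrets.token_bytes(16)
    saved_bound = issue_bound_code(app, "device-A", nonce_a)
    nonce_b = secrets.token_bytes(16)  # challenge from a later install attempt
    return {
        "static_replayed": device_accepts_static(app, saved_static),
        "bound_original": device_accepts_bound(app, "device-A", nonce_a, saved_bound),
        "bound_other_device": device_accepts_bound(app, "device-B", nonce_b, saved_bound),
        "bound_same_device_later": device_accepts_bound(app, "device-A", nonce_b, saved_bound),
    }


if __name__ == "__main__":
    for name, accepted in replay_outcomes().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

In the weak model, removing the app from the store changes nothing, because the saved code stays valid; in the bound model the saved response is rejected on another device and on a later challenge from the same device.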