After years of being spared the malicious malware attacks that have blighted Android phones, Apple users are now being warned about new threats to iOS software.
The latest computer virus hitting iPhones users is particularly nasty because unlike earlier malware it doesn’t rely on the owner downloading dodgy apps or jailbreaking their phone, the Daily Mail reports.
It’s called the ‘AceDeceiver’, and it’s perfectly capable of installing itself on a phone by infecting the user’s computer first, although thankfully at the moment the virus has only been found in China.
Apple has removed AceDeceiver from the App Store, after it was discovered by security company Palo Alto Networks but they are worried that it may have spread.
Jonathan Ździarski, author of a book on hacking iOS devices and how to prevent it, wrote about the virus on his blog.
In its present form, you’d have to be dumb enough to install a Chinese pirate app store in order to have to worry about this…But in a more malicious form, something like it could potentially be embedded as a trojan in legitimate software.
AceDeceiver is he first virus to take advantage of a particular design flaw in Apple’s security system, called FairPlay. The technique, called ‘FairPlay Man in the Middle’ (MITM) has been used since 2013 to spread pirated apps on iOS.
But this is the first time its been used to spread malware.
The technigue works like this, Apple lets customers download apps through iTunes on to their computer, which they can then intall on other devices. This works because these devices request an authorisation code for each app installed, to prove it was purchased.
In the FairPlay MITM attack, hackers will buy an app from the store and then intercept and save the authorisation code. They then create software for the computer that simulates iTunes, and tricks the iOS device into thinking the app was bought by the victim.
Think of the attack as forging a receipt, like paying for a set of towels at Target, then returning a different set,
Apple has no way to check the towels (your apps) to make sure they’re the same ones, so the iPhone lets the app run since you have a valid receipt.Advertisement
It’s even worse than this, because the receipts aren’t tied to your iTunes account – you can pull someone else’s receipt out of the trash and return towels you never purchased. It’s this receipt that is re-used to install the malware’s own software on your iPhone by impersonating iTunes.
Currently, the malware has only been spotted in China, but Palo Alto Networks warns that with a few tweaks it could affect U.S. and UK iPhone users as well, so it’s probably best to keep an eye on what you’re downloading.