• TV
  • MOVIES
  • MUSIC
  • SHOWBIZ
  • SOAPS
  • GAMING
  • TECH
  • FORUMS
  • Follow
    • Follow
    • facebook
    • twitter
    • google+
    • instagram
    • youtube
Hearst Corporation
  • TV
  • MOVIES
  • MUSIC
  • SHOWBIZ
  • SOAPS
  • GAMING
  • TECH
  • FORUMS
Forums
  • Register
  • Login
  • Forums
  • Gadgets
  • Mobile Phones
iPhone Malware Is Hitting China - Let’s Not Be Next
Mark in Essex
07-10-2015
Just cut and pasted it from the news.

Had a quick read and it looks like iPhones that have not even been Jailbroken in China can get infected by simply clicking on a popup window (but you never know with the hyped up rubbish that's normally in the news).

Just to make people aware.

http://www.wired.com/2015/10/iphone-...lets-not-next/

By the sound of it it's only older versions of IOS that it's easy to get infected with, but newer versions are still not immune (reading you have to select YES to get infected on newer versions).
BKM
07-10-2015
Originally Posted by Mark in Essex:
“Just cut and pasted it from the news.

Had a quick read and it looks like iPhones that have not even been Jailbroken in China can get infected by simply clicking on a popup window (but you never know with the hyped up rubbish that's normally in the news). ”

I am afraid you are well out of date!! This was fully discussed here about two weeks ago.

It has all been fixed by Apple and no longer applies. Basically Apple review all AppStore new Aps and revisions of existing ones and, very briefly, people worked out how to defeat this.
Stuart_h
07-10-2015
Originally Posted by BKM:
“I am afraid you are well out of date!! This was fully discussed here about two weeks ago.

It has all been fixed by Apple and no longer applies. Basically Apple review all AppStore new Aps and revisions of existing ones and, very briefly, people worked out how to defeat this.”

The article was, in part, discussing the aftermath of the recent breaches and the impacts moving forward. It wasn't scaremongering about a current issue ..... It was actually quite an interesting read.
Mark in Essex
07-10-2015
Originally Posted by BKM:
“I am afraid you are well out of date!! This was fully discussed here about two weeks ago.

It has all been fixed by Apple and no longer applies. Basically Apple review all AppStore new Aps and revisions of existing ones and, very briefly, people worked out how to defeat this.”

I thought it was a new article as it was dated yesterday and did not seem to be to do with the last App Store malware - this looked like you can get malware just by clicking on a popup link on the Internet?
Stig
07-10-2015
Originally Posted by Mark in Essex:
“I thought it was a new article as it was dated yesterday and did not seem to be to do with the last App Store malware - this looked like you can get malware just by clicking on a popup link on the Internet?”

Yes, this is different from the one we discussed:
Quote:
“In at least the most recent of these two attacks, victims did have to make an almost comical series of blunders to have their phone hacked. The malware, which Palo Alto Networks called YiSpecter in its detailed writeup, tricked users into circumventing Apple’s tightly controlled App Store to install a porn video player. (In some cases the hackers used local internet service providers in China, which are known to hijack traffic to insert ads on websites, to advertise the sexy video app in pop-up prompts.) If the user fell for that lure, the hackers managed to skirt Apple’s App Store and install the app by using a so-called “enterprise certificate,” a system that allows companies and agencies to install their own custom programs on employees’ phones without Apple’s signoff.”

clonmult
07-10-2015
Originally Posted by BKM:
“I am afraid you are well out of date!! This was fully discussed here about two weeks ago.

It has all been fixed by Apple and no longer applies. Basically Apple review all AppStore new Aps and revisions of existing ones and, very briefly, people worked out how to defeat this.”

Different issue, but iirc it relates to some enterprise features that not all will have enabled.
jchamier
07-10-2015
Originally Posted by clonmult:
“Different issue, but iirc it relates to some enterprise features that not all will have enabled.”

Enterprise provisioning profiles allow companies an ability to have an internal "app store" and deploy "managed applications" which are categorised separately by iOS. These applications don't back up to iCloud or iTunes and can share data with other managed apps, but not unmanaged apps.

Someone shipped out a profile and convinced people to install it, which means it was social engineering.

Weak point is always the human.
VIEW DESKTOP SITE TOP

JOIN US HERE

  • Facebook
  • Twitter

Hearst Corporation

Hearst Corporation

DIGITAL SPY, PART OF THE HEARST UK ENTERTAINMENT NETWORK

© 2015 Hearst Magazines UK is the trading name of the National Magazine Company Ltd, 72 Broadwick Street, London, W1F 9EP. Registered in England 112955. All rights reserved.

  • Terms & Conditions
  • Privacy Policy
  • Cookie Policy
  • Complaints
  • Site Map