Apple acknowledges 'YiSpecter' iOS malware, says issue unlikely to affect most people
A piece of recently identified iOS malware, known as YiSpecter, is not a major threat despite its ability to attack both jailbroken and factory stock devices, Apple said on Monday.
"This issue only impacts users on older versions of iOS who have also downloaded malware from untrusted sources," a representative explained to The Loop. "We addressed this specific issue in iOS 8.4 and we have also blocked the identified apps that distribute this malware. We encourage customers to stay current with the latest version of iOS for the latest security updates. We also encourage them to only download from trusted sources like the App Store and pay attention to any warnings as they download apps."
Recently, security researchers with Palo Alto Networks described YiSpecter as the first malware in the wild to exploit private APIs in iOS. It has actually been in the wild for over 10 months — mainly impacting people in China and Taiwan — but allegedly escaped detection by most security vendors. China is known to have a large market for pirated apps.
Once YiSpecter is onboard, the code can download, install, and launch apps, or even replace existing software. It can also open pages and change Safari settings, upload device information to a remote server, and flash fullscreen ads when launching an otherwise normal app. The malware will automatically reappear if it's deleted manually.
Apple's statement comes on the heels of the company addressing XcodeGhost, a malware infection that infiltrated the App Store through modified versions of its Xcode development tool. Apple regularly uses the security of iOS and the App Store as a selling point versus Google's Android platform.