The first iOS malware has been discovered
March 18, 2016 - Uncategorized
Security company Palo Alto Networks announced it found a Trojan that exploits flaws in Apple’s DRM without needing to abuse enterprise certificates, and they’re calling it “AceDeceiver.” Currently, AceDeceiver only activates when the device’s geotag is in China.
The process for how the malware works is a little complicated. According to Palo Alto Networks, AceDeceiver uses a mechanism called FairPlay Man-in-the-Middle, where attackers purchase apps and save the authorization code needed for it to work on an iOS device. Attackers can then use fake iTunes clients to send an authorization code to trick a victim’s device to make it believe it purchased the app, and then it will download it. Read more…