After reports of overheating Touch ID buttons among iPhone 6S and iPhone 6S Plus users in the U.S., it's the turn of Chinese owners of Apple devices to be hit by malware.
Wired reports that in September, two iOS mass malware infections affected users of iPhone and iPad in China. This is the first time that Apple devices running iOS have been hit by malware despite tight security.
The malware YiSpecter tricks device owners into going around the App Store's tightly controlled environment by tempting them to install a porn video player. In some instances, the malware was hidden in a sexy video app in pop-up advertisements found via Chinese internet service providers, according to Palo Alto Networks.
To go around the App Store, the malware uses an enterprise certificate, a mechanism that allows firms and agencies to install custom programs on employees' devices without the signoff of the Cupertino-based tech giant. QVOD, a malicious video player, then secretly installs its hidden apps that take advantage of exposed APIs in the phone's OS, giving it limited visibility into the activities of other apps on the device.
When those apps are launched, YiSpecter inserts fullscreen ads over them. For jailbroken phones, YiSpecter swaps out Safari's default search engine Baidu, the local search engine. Even if the phone owner deletes those apps, other invisible apps are programmed to reinstall them.
Apple advised phone owners to install only iOS 8.3 to avoid the YiSpecter malware. The company also said in a statement that it released iOS 8.4 with fixes for the YiSpecter malware, making iOS 4.1 and iOS 9 immune to the malware, reports MacRumors.
Commenting on how some Chinese iPhone and iPad users were tricked into trusting an enterprise certificate from unknown firms, iOS forensic expert and security consultant Jonathan Zdziarski explains, "The sexual appeal seems to have overwhelmed their brains ... They overlooked the fact that they were skipping over an important security mechanism."