Latest in Gear

Image credit:

iOS malware uses copy protection to infect 'pure' devices

AceDeceiver uses exploits in Apple's FairPlay system to install rogue apps, even without a jailbreak.
Share
Tweet
Share

Sponsored Links

Xaume Olleros/Bloomberg via Getty Images

Ne'er-do-wells have so far exploited holes in Apple's FairPlay copy protection primarily to distribute pirated iOS apps, but it now looks like they're turning their energy toward hurting users. Palo Alto Networks says it has discovered AceDeceiver, the first malware that uses FairPlay to infect its targets. Install a bogus iOS management utility for Windows (Aisi Helper) and the software will launch a man-in-the middle attack that grabs app authorization codes and uses those to install infected apps on any iOS device you connect to the system. Unlike many iOS attacks, this doesn't require that the target use a jailbroken device -- the apps are allowed to run as if they were completely legitimate.

It's particularly sneaky, too. While Apple has already pulled relevant apps from the App Store, it doesn't need them to stick around to work. Also, it's not so easy for Apple to catch offenders in the approval process. The example apps purposefully limited their hostile behavior to users located in China, so App Store screeners in California weren't likely to spot any malicious activity.

Palo Alto reported the issue to Apple in late February, but it's not clear whether there's a permanent solution in the works. We've reached out to Apple for details, and we'll let you know if it has something to share. Either way, the practical risk is low in the short term -- don't install Aisi Helper or similar apps. The concern is that intruders will take advantage of inexperienced users, or that a more sophisticated future attack won't require that you install a program first.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

Roku is giving away 30 days of premium video

Roku is giving away 30 days of premium video

View
NASA warns Moon base plans might slip by a year

NASA warns Moon base plans might slip by a year

View
Lab-in-a-box test can detect COVID-19 in 5 minutes

Lab-in-a-box test can detect COVID-19 in 5 minutes

View
Google rolls out Drive shortcuts ahead of folder structure changes

Google rolls out Drive shortcuts ahead of folder structure changes

View
SpaceX launches its original Dragon capsule for the last time

SpaceX launches its original Dragon capsule for the last time

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr