Posted on 04/13/2019 7:03:07 AM PDT by BenLurkin
Unlike the Android version, the malware isn’t distributed through the App Store but via the Apple Developer Enterprise program, which allows organizations to distribute proprietary, in-house apps to their employees and bypass the App Store, Lookout said.
However, some malicious groups have exploited this, Domingo Guerra, Senior Director, Modern OS Security, Symantec, told Fox News. These groups “misused the enterprise app certificate ‘loop-hole’ to circumvent the App Store review process and get their apps ‘sideloaded’ onto target devices,” he said.
This is a new twist and potentially a sign of things to come. “The fact that it uses this ‘backdoor’ of the Apple Enterprise Developer Program is fairly novel and likely a new avenue other actors might try to take when targeting iOS users,” Adam Kujawa, Director of Malwarebytes Labs, told Fox News.
Since the App Store is secure, malware purveyors were forced to take an alternative route, Kujawa said. “Apple has a more locked down app store, trying to slip it into the legitimate application repository is pretty much impossible.”
Instead, attackers are setting up phishing sites, pretending to be mobile carriers, Kujawa added. “From these pages, there are links to install what the user believes to be useful applications from their mobile carrier…[but] these links will navigate the user to download the app on their iOS device.”
(Excerpt) Read more at foxnews.com ...
Without the app store ? Is that even possible?
yes - totally possible - it’s how proprietary apps for employee use in large companies are distributed.
This is a poorly written headline meant to mislead. The invulnerability of iPhones is a myth. Similar malware has been deployed on Android phones... but it is not Android malware when its written for and deployed on the iPhone. Basically all electronic computing devices are vulnerable to tampering by devious individuals and governments. To believe otherwise is foolish. Malware and viruses have been deployed on iPhones for years... some examples:
1.2 “Find and Call” (July 2012)
1.3 Packages by Nobitazzz (August 2012 and September 2013)
1.4 AdThief/Spad (March and August 2014)
1.5 Unflod (April 2014)
1.6 AppBuyer (September 2014)
1.7 WireLurker and Masque Attack (November 2014)
1.8 Xsser mRAT (December 2014)
1.9 Lock Saver Free (July 2015)
1.10 KeyRaider (August 2015)
1.11 XcodeGhost (September 2015)
1.12 YiSpecter (October 2015)
1.13 Muda (October 2015)
1.14 Youmi Ad SDK (October 2015)
1.15 AceDeceiver (March 2016)
1.16 Safari JavaScript pop-up scareware (March 2017)
2 Tools used by governments (and similar) to target individuals 2.1 FinSpy Mobile (August 2012)
2.2 DROPOUTJEEP (December 2013)
2.3 Hacking Team tools (June 2014 and July 2015)
2.4 Inception (December 2014)
2.5 XAgent (February 2015)
2.6 Pegasus (August 2016)
2.7 Cellebrite (February 2017)
2.8 CIA “Vault 7” materials (March 2017)
3 Tools developed as part of research 3.1 iSAM (June 2011)
3.2 Instastock (November 2011)
3.3 Mactans (July 2013)
3.4 Jekyll (August 2013)
3.5 XARA attacks (June 2015)
3.6 NeonEggShell (August 2015)
4 Tools for sale to the public to target individuals 4.1 1mole
4.2 Copy9
4.3 Copy10
4.4 FlexiSPY
4.5 iKeyGuard Key Logger
4.6 iKeyMonitor keylogger
4.7 InnovaSPY
4.8 Mobile Spy
4.9 MobiStealth
4.10 mSpy
4.11 OwnSpy
4.12 Spy App
4.13 SpyKey
4.14 StealthGenie
4.15 Trapsms
https://www.theiphonewiki.com/wiki/Malware_for_iOS
The article doesn’t mention that Apple has already cancelled the enterprise certificates of several large companies for allowing this to happen. They completely halted the use of company-wide software at Facebook for several days, until Facebook agreed to fix the security problems.
I guess I’m safe. I hate smart phones, never wanted one, but a couple of years back, someone in my area was using a network booster, and my 3G phone was being effected. Had trouble making calls, and manually updating the roaming capabilities. The booster showed up as an icon on my screen one day. The only way to get rid of the icon was to drive 3-4 blocks away from my place. Ended up having to buy a smart phone to get rid of it, so I bought the cheapest iPhone because I’m familiar with Apple software. I hate it. The only time I use Safari on it is if I’m away from home, and want to look something up, or check FR. It’s main use is for making and receiving calls.
Yes, but the iPhone has to have the Enterprise system turned on, and set-up to accept the pushed enterprise Apps. Chinese third-party app stores were using this approach by using enterprise certificate to sell unauthorized apps. The user has to download the enterprise certificate then accept the apps.
This is a non-story. The exploit requires social engineering iPhone users into installing an app outside of the Apple App Store.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.