75,000 Jailbroken iPhones, iPads Hit by Chinese Malware

Owners of iPhones and iPads who jailbreak their devices generally understand that they're losing Apple's security protections, but that message hasn't really hit home until now. Two security researchers have documented that iOS malware called AdThief may have infected more than 75,000 jailbroken iDevices and stolen revenue from more than 22 million online ads.
Axelle Apvrille, a French researcher for Sunnyvale, Calif.-based information-security firm Fortinet, has just published a paper about AdThief (PDF) in Virus Bulletin, a British-based online magazine that tracks information about online safety. (Apvrille's paper is dated July 2, but was posted Aug. 12.)
Her paper builds on earlier work by Chinese researcher Claud Xiao, who discovered AdThief in March. Because his initial publications on the matter were very technical, Apvrille has attempted to clarify the situation.
The good news for users of jailbroken iOS devices is that AdThief doesn't directly target them. Instead, it redirects the ad-click micropayment (a tiny fraction of a cent) that takes place every time a user of an infected device clicks on an ad in an app or on a website. The ad revenue goes not to the legitimate recipients, but to a malefactor — possibly a Chinese hacker who wrote significant chunks of the code.
As for how AdThief spreads, the vector of infection is not crystal-clear, but AdThief appears to require the presence of Cydia, a widely used platform for jailbroken iDevices that allows and manages installation of apps from outside the iTunes App Store. Cydia is often automatically installed during the jailbreaking process.
Most of the ad networks targeted by AdThief are Chinese, but four are based in the United States, including Google's AdMob, and two in India. As long as a phone is jailbroken and has Cydia installed, the malware may have a way to get in. It's not clear whether changing the iOS root password from the default "alpine" will block the infection.
If you've been infected with AdThief, getting rid of it is not easy, as it compromises at least 15 prominent adkits. Security software for jailbroken iDevices is not exactly common, so your best recourse may be to restore your iPhone to manufacturer settings and, at least temporarily, erase the jailbreak.
Doing so won't be as sexy as access to unauthorized app stores, but it also means that you won't be funding online criminals who, sooner or later, may turn their sights to users rather than advertisers.
Marshall Honorof is a Staff Writer for Tom's Guide. Contact him at mhonorof@tomsguide.com.
- uncheck the Google Play Services apps verification (enabled by default)
- enable installation from unknown sources (disabled by default)
- unlock bootloader or use another exploit to root phone
- allow all the permissions by the malware app
- install said app
Looks like getting malware on an iOS device takes fewer steps. All in the name of customiz-ability (sic!), which is possible in Android without any of these mentioned steps, by default!
Liar.
iOS is more secure than Android. A simple fact that you apparently can't deal with.
Not a single legit device got a virus, only the jailbroken ones. You're reaching.
Somewhere between 2-6% of all iPhone users jailbreak their phones because iOS lacks so much functionality. Compare that to around 1% of Android users rooting their phones (which is a much simpler task if you feel the need for it).
I'd say jailbroken iPhones are very legit iterations of iOS, seeing how common it is.
Name-calling has always been the prerogative of the most educated. /s
I was merely stating facts there. Apparently, the chip on your shoulder can be seen from the Moon.
Maybe you should stick to being a cop in South Park.... Get it?
LOL
Lol, here we go again. You do realize that those steps you just described above are what jail breaking actually does, right? It is the main reason that a lot of security-conscious people don't jailbreak, due to the risks involved. Same risks that you agree to when you make the changes you mentioned on your Android phone.
Let's just ignore the fact that you don't have to do the above things to compromise an Android phone. You can download your malicious or unsecure app right on Google Play. Sweet!!
Lol, here we go again. You do realize the step you described above is exactly what jail breaking does, right? This is one of the reasons why security-conscious users do not jailbreak or root their phones. It opens you up to an environment where applications that do not have to go through the same checks for security and functionality are able to be installed on your phone. Especially now that phones have a large amount of very personal information on them, this is not a good thing to do.
Let's ignore the fact that you can download a malicious or unsecure application right there on Google Play. Sweet!! Talk about ease of abuse.
You kind of stepped in something on this one. 2-6% of iOS devices jailbroken is a much smaller number than 1% of Android devices rooted due to Android running on over 3997 different devices, many of which are running on dated versions of the OS with no ability to upgrade.
http://opensignal.com/reports/fragmentation.php
How is Google, or any Android device manufacturer for that matter, able to manage security effectively across apps and OS with that kind of fragmentation? Very difficult task.
Stop waving flags and look at it realistically. It is only a freaking smart phone.
Office Space.
/and don't miss the mundane detail by placing the decimal in the wrong place.
Certain people deserve respect. Trolls like you who lie, don't.
iOS has had hardware encryption since the 3GS. Android used software encryption, an inferior method if you're concerned about security. iOS is also FIPS certified, Android is not. There's a reason why iOS completely dominates Android in Enterprise or corporate use.
Sorry to bring some real facts to this discussion.