Tuesday, 6 October 2015

YiSpecter iOS Malware Can Infect Non-Jailbroken Devices

Malware is something we are all used to hearing about and contrary to the popular myth that iOS and OS X are bulletproof, we have heard that YiSpecter malware can infect your devices. Now we all know that as a mobile platform, iOS is a lot more secure than the competition, and over the years attacks have only happened on devices that were jailbroken. These are the devices that have been liberated from Apple’s tight security. Unfortunately, that might no longer be the case thanks to a new strain of malware known as YiSpecter, which has been found to attack non-jailbroken iOS devices.

YiSpecter is a recently discovered malicious form of malware and it is the first of its kind. In order to do what it does, this malware uses and abuses a private API in order to gain access to your device and unleash damage. The strain has actually been around for about ten months now and is currently known to be limited to users in China and Taiwan. YiSpecter manages to gain access and spread by hijacking ISP traffic, an additional strain of malware on the Windows platform, and offline application installation.

The internal DNA of this malware is quite intricate and it involves four different components that have all been digitally signed by various enterprise certificates. Those individual components work in conjunction with one another to set off a chain of downloads that originate from a remote server. The malware is then instructed internally to hide its own icons from the iOS home screen so that it doesn’t raise suspicion. For those that actually have the ability to access hidden icons, the developers behind YiSpecter have attempted to mask their malicious malware by masquerading it as an official App Store installation.

In terms of what this malware can do, it is fairly far reaching. YiSpecter is able to change the default search engine in Safari, replace installed apps with ones of its own that have been downloaded remotely to collect data and inputs, as well as upload the information it steals to a control center server.

Now for the good news, we have received work that the vulnerability within iOS that allows access to YiSpecter has been patched with the release of iOS 9 and it can only affect iOS 8.3 and below. iOS 8.4 and above are safe so if you want to protect your device from this malware be sure to upgrade your firmware to a safe version.

Thursday, 1 October 2015

Apple Has Added A Little Waterproofing To iPhone 6s And iPhone 6s Plus

#p During the week we watched a video by a YouTuber who placed his iPhone 6s and iPhone 6s Plus in a bowl of water for an hour and they continued to work. Now it is safe to say that we were very surprised because Apple hasn’t said anything about a waterproof iPhone. It turns out that the YouTuber did a follow up video which shows that at least one of the iPhone’s screens is starting to fail because of the water damage. #/p #p We were very curious as to why someone would do this to their iPhone but it turns out that new findings regarding the internal setup of the iPhone 6s and 6s Plus have revealed why these new iPhones lasted so long in the bowl of water anyway. Even though one of them is starting to fail, it is clear that both actually did stand up to the water test considerably well when compared to other iPhone models. Both of the new iPhones were taken apart by iFixit, and this revealed the answer. #/p #p Photos were taken by iFixit, and they showed that both of Apple’s new iPhone models have a gasket around the edge of the entire handset as well as silicone seals around important parts of the device’s internals. The lip around the edge of the new frame has 0.3mm of additional width compared to the iPhone 6. This provides just enough space to house the gasket. Apple didn’t just line the edge with adhesive sealant; they actually reconstructed the edge of the frame to make space for a seal. #/p #p This means that the iPhone 6s and iPhone 6s plus are equipped to withstand water to a certain extent. This doesn’t mean that Apple have made these devices waterproof because this hasn’t been mentioned. What it does mean though is that your iPhone may be prevented from getting damaged from accidental drops into water. #/p #p We wouldn’t advise that you try this out but you might take some peace of mind in knowing that if you accidentally drop your phone in water, as we can all do from time to time, you might still have a fully working device if you rescue it quickly enough. #/p #p Who knows though, this could be the beginning of Apple introducing a waterproof iPhone in the future. #/p