iOS ad-hijacker malware hits 75,000 jailbroken devices

Security researcher shines a light on iOS malware risks

Further details have emerged about a piece of iOS malware that redirects ad revenues to cyber attackers each time a person uses their devices to view or click on advertisements.

The malware, dubbed AdThief, is known to have infected around 75,000 iOS devices to date, according to a Virus Bulletin advisory notice. It specifically targets jailbroken Apple tablets and smartphones.  

At the time of writing, it's estimated the malware has been used to steal revenue from approximately 22 million ads.

The malware was first uncovered in March 2014 by security researcher Claud Xiao, but scant detail about how it operates was released at the time.

As a result, another security researcher, Axelle Apvrille, has taken it upon themselves to find out more about its inner workings and has uncovered details of who created it.  

"Each time you view or click on an ad on an infected device, the corresponding revenue goes to the attacker, and not to the developer or the legitimate affiliate," Apvrille writes.

By analysing the makeup of the malware, Apvrille has ascertained that it was created by a Chinese hacker, who has admitted to writing part of the code but claims a third-party refined it.

The hacker has also denied having any role in its distribution.

The emergence of AdThief is significant, the researcher continues, because iOS malware is so uncommon.

"At the end of 2013, there were only four different families, as well as a dozen families of adware or spyware," they continued.

"Thus, the discovery of new iOS malware is generally pretty hot news for an anti-virus analyst."

Featured Resources

Consumer choice and the payment experience

A software provider's guide to getting, growing, and keeping customers

Download now

Prevent fraud and phishing attacks with DMARC

How to use domain-based message authentication, reporting, and conformance for email security

Download now

Business in the new economy landscape

How we coped with 2020 and looking ahead to a brighter 2021

Download now

How to increase cyber resilience within your organisation

Cyber resilience for dummies

Download now

Recommended

Apple doubles down in the US with $430 billion investment
business intelligence (BI)

Apple doubles down in the US with $430 billion investment

27 Apr 2021
HackBoss malware is using Telegram to steal cryptocurrency from other hackers
cryptocurrencies

HackBoss malware is using Telegram to steal cryptocurrency from other hackers

16 Apr 2021
Patent shows Apple is working on improving iPhone’s AR capabilities
augmented reality (AR)

Patent shows Apple is working on improving iPhone’s AR capabilities

22 Jun 2021
How to turn off battery throttling on an iPhone
battery life

How to turn off battery throttling on an iPhone

18 Jun 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

16 Jun 2021
Q&A: Enabling transformation
Sponsored

Q&A: Enabling transformation

10 Jun 2021
What is HTTP error 400 and how do you fix it?
Network & Internet

What is HTTP error 400 and how do you fix it?

16 Jun 2021