Sunday, 20 April 2014

IOS Virus Is Loose! Unflod.dylib Will Harvest Your Apple Details

Just came across this on reddit, its on twitter also.

Apparently there is a malicious file that is infected jailbroken phones from repos. As yet nobody knows, but once infected your apple Id and password are sent to chinese servers.

On 17th April 2014 a malware campaign targetting users of jailbroken iPhones has been discovered and discussed by reddit users. This malware appears to have Chinese origin and comes as a library called Unflod.dylib that hooks into all running processes of jailbroken iDevices and listens to outgoing SSL connections. From these connections it tries to steal the device's Apple-ID and corresponding password and sends them in plaintext to servers with IP addresses in control of US hosting companies for apparently Chinese customers.

Users of reddit have made this malware available to the public, which allowed SektionEins to performed an analysis of this threat.

However so far only the malware itself has been found and until now it is unknown how it ends up on jailbroken phones. Rumours that Chinese piracy repositories are involved are so far unverified.


Simple test - Check /Library/MobileSubstrate/DynamicLibraries/ in iFile for an Unflod.dylib. If found, DELETE IT!

No comments:

Post a Comment

Tweaks : Liberty (bypass jailbreak detection on iPhone)

Hi semua, developer for iphone Mr Ryley telahpun develop 1 useful tweaks utk iphone yg telah di jailbreak. Aku ada pm beliau mohon masuk...