Apple Inc. (NASDAQ:AAPL) iOS has again been targeted by attackers, this time using malware which infects the Digital Rights Management (DRM) mechanism and breaks into iOS devices. It is being reported that users with non-jailbroken iOS devices are particularly targeted by the malware, which is being dubbed “AceDeceiver”.
Three researches from Palo Alto discovered that the App Store was playing host to a few malicious apps, which would make their way to iOS devices that are being installed through iTunes or the App Store only. Then, using the iOS security protocol bypass technique brought to notice by Georgie’s Institute of Technology researchers, attackers can fool iTunes into allowing installation of apps from external sources. This is done by gaining access to an iPhone, for example, by means of a computer system running iTunes, infected with AceDeceiver.
The malware, which uses the Man In The Middle (MITM) technique to spread malware, is capable of creating copies of itself even after the apps hosting the malware have been removed from iTunes. It is safe to say that this is a completely different kettle of fish that we’re talking about, and Apple will most certainly have to notice the DRM weakness that has exploited the non-jailbroken iOS users. However, it remains to be seen how Apple deals with the threat, which is a first-of-its-kind case according to Palo Alto researcher Claud Xiao, who discovered the malware.
AceDeceiver is reportedly used to steal iTunes information about user identities, as it is able to latch itself even to non-jailbroken devices, with their security measures intact. Claud Xiao, however, has come forward with a set of recommendations which would help the company deal with the malware, which includes enabling two-factor authentication for Apple IDs.