YiSpecter iPhone malware won’t spook you if you’ve kept iOS updated, says Apple


According to Apple, your iPhone and iPad should be safe from the YiSpecter malware if you are running iOS 8.4 or later (the latest released version of iOS is 9.02).

YiSpecter, which is believed to have been infecting iOS devices in China and Taiwan since at least November 2014, was brought to the wider public’s attention by researchers at Palo Alto Networks, who described how it installed unwanted apps, replaced legitimate apps with ones it had downloaded, and displayed money-making full-screen advertisements.


Notably, YiSpecter was found infecting iPhones and iPads regardless of whether they had been jailbroken or not, exploiting certificates issued under Apple’s iOS Developer Enterprise Program and private APIs.

However, in a statement given to Apple-watching blog The Loop, the technology firm said that the only users who were potentially at risk were those who had not updated their devices to iOS 8.4 or later:

“This issue only impacts users on older versions of iOS who have also downloaded malware from untrusted sources. We addressed this specific issue in iOS 8.4 and we have also blocked the identified apps that distribute this malware. We encourage customers to stay current with the latest version of iOS for the latest security updates. We also encourage them to only download from trusted sources like the App Store and pay attention to any warnings as they download apps.”

iOS 8.4 was released at the end of June 2015. Although at the time many commentators focused on iOS 8.4 introducing Apple Music for the first time, it also addressed a number of ways in which non-jailbroken iPhones and iPads could be attacked by malicious software.

At the time, all iOS users - whether inside businesses or at home - were advised to upgrade.

Of course, if you are still using an iPhone 4 (or earlier hardware) then you won’t have been able to upgrade to iOS 8 (let alone iOS 8.4) so you could still potentially be vulnerable. Even if you have an iPhone 4S, you may have held off upgrading to iOS 8 because of sluggish performance.

If you are a user of an older iOS device that isn’t running iOS 8.4 or later then you will need to decide for yourself what the best course of action is. The chances of being hit by the YiSpecter attack may be relatively low, especially if you’re not based in China and Taiwan, and you may decide that the cost of upgrading your hardware to a more modern device is prohibitive.

You make your choices and take your chances…
