
iOS-Based AdThief Malware Infects 75,000 Jailbroken iPhones

Dan Parker

This week, details have emerged about a new strain of malware which is capable of hijacking major ad publication platforms on iOS devices, injecting itself into pop-ups in order to gain root access to a user’s phone.

According to the latest release of the Virus Bulletin newsletter, the infection, known as “AdThief”, has affected around 22 million ad displays on 75,000 separate jailbroken devices running nearly every cracked version of iOS on the iPhone 4 and 4s, and above. Initially discovered by independent mobile security researcher Claud Xiao of China back in March, the problem has only grown in spread and severity since first breaking out onto the scene.

Another researcher interested in AdThief, Axelle Apvrille, then went on to study the mobile malware for a number of months before publishing her report in this month’s Virus Bulletin. The report posts detailed results of her tracking campaign and breaks down the exact methods that its designers used to ensure the program evaded detection and spread through a series of constantly shifting botnets that were coded to lie low until the last possible moment in order to spread effectively.

Apvrille explains the malware’s tactics in greater detail here:

“Each time an end-user views or clicks on a given advertisement, the corresponding application developer (or partner, or affiliate) receives a small payment. This is what advertisement companies refer to as ‘cost per thousand impressions’ (CPM) or ‘click-through rate’ (CTR). To credit the right developer when ads are viewed or clicked, adkits identify developers (or partners etc.) with a developer ID.

iOS/AdThief modifies this developer ID, replacing it with an identifier owned by the attacker. Revenues are consequently hijacked, with all of the revenue generated when an ad is viewed or clicked being assigned to the attacker’s identifier.”

Many of the most widely used ad display software kits were targeted as a result of AdThief’s advanced stealth mechanics, including AdMob, AdSage, InMobi, and Weibo. The malware also crosses international boundaries, tripping its way across the date line multiple times through the Americas, Europe, and Asia in 32 different languages.


Obviously, the risk of jailbreaking a phone is that the user loses all the standard security protocols installed by Apple, which currently make iOS one of the safest, least-penetrable options available on the market today.

Tim Cook recently posted statistics at this year’s Worldwide Developers Conference which show that 99 percent of all mobile infections are on Android, Apple’s competitor’s platform, most of which are distributed and maintained by networks set up in Google’s almost-ubiquitously infected Play Store.

Many believe this stark difference in statistics is due to the way that each company chooses to vet the apps that eventually make it onto their online marketplaces. The App Store, which can often take several weeks to approve even the slightest update for an app, relies on a stringent (and massive) team of human operators who comb through the code of every submission by hand and can rely on their personal experience and intuition to decide whether or not an app poses a threat to their users.

This process has ensured the App Store has remained almost entirely malware free, whereas Google Play has taken the much lazier, though more cost-effective, route of entrusting this process to an automated program, called Bouncer.

Bouncer can be easily fooled by even the most rudimentary viruses, and due to the fact that it relies on a virtualized environment in order to run checks on potential Play Store submissions, all hackers need to do is run their equipment in sandbox mode in order to make it through the process without a problem.

Of course, when a user decides to jailbreak their iOS device, all these checks and balances that the Apple security team spent years and tens of millions of dollars to set up go right out the window, and devices become a Wild West-esque combo of threat-attracting honeypots that not even the most disciplined of criminal organizations can resist.

© 2023 Copyright VPN Creative
