Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Incident Response, TDR, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Mysterious iOS malware campaign has Chinese origins

A new malware threat affecting jailbroken iOS devices has been uncovered by Reddit users and investigated by mobile researchers.

It is unclear how the malware, dubbed "Unflod Baby Panda," ends up on a device, however, according to mobile experts at Germany-based security firm SektionEins, the threat aims at stealing Apple IDs and the passwords associated with them, according to a blog post by the researchers.

The malware comes in the form of a library called “Unflod.dylib” that taps into all running processes of the device. Capable of listening in on outgoing SSL connections, it then attempts to steal the Apple ID data. Experts aren't sure how the malware ends up on the device, but believe it has Chinese origins.

Users are advised to perform a full restore, which would eradicate the malware and also do away with the jailbreak capabilities.

Related

Security concerns curb open source utilization

Open source software utilization has been scaled back by nearly 40% of industry professionals due to security concerns, with more than 50% reducing open source usage following the emergence of the widespread Log4j vulnerability, The Register reports.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.