The State of iOS Security
•
39 gefällt mir•6,294 views
There is a common belief that iOS devices don't get malware, but the iOS threat landscape is actually quite similar to what we saw on Android in 2010. Read the blog: https://blog.lookout.com/blog/2015/03/05/the-state-of-ios-security/
Empfohlen
Empfohlen
Weitere ähnliche Inhalte
Andere mochten auch
Andere mochten auch (19)
Mehr von Lookout
Mehr von Lookout (20)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
The State of iOS Security
- 1. i O S T H R E A T S The State of iOS Security
- 2. The iOS App Store is not the impenetrable walled garden you think it is.
- 3. T O P M Y T H S A B O U T A P P L E S E C U R I T Y 1# MYTH: The Apple App Store has never had malware in it FACT: The App Store published at least one piece of malware and approved two others. The published malware, a trojan called “Find and Call,” downloaded your phonebook and spammed contacts. 3# MYTH: FACT devices. Non-jailbroken threats will be more targeted and sophisticated, but they’re not impossible to create. 2# MYTH: FACT types of attacks as Android malware including data exfiltration and surveillance.
- 4. T O P M Y T H S A B O U T A P P L E S E C U R I T Y 1# MYTH: FACT malware, a trojan called “Find and Call,” downloaded your phonebook and spammed contacts. 3# MYTH: FACT devices. Non-jailbroken threats will be more targeted and sophisticated, but they’re not impossible to create. 2# MYTH: Apple devices cannot be attacked like Android FACT : Actually, once on the device, iOS malware can perform many of the same types of attacks as Android malware including data exfiltration and surveillance.
- 5. T O P M Y T H S A B O U T A P P L E S E C U R I T Y 1# MYTH: FACT malware, a trojan called “Find and Call,” downloaded your phonebook and spammed contacts. 3# MYTH: Threats on iOS only affect jailbroken devices FACT: Wirelurker, XAgent, Find and Call, and others are proof that malware can affect non-jailbroken devices. Non-jailbroken threats will be more targeted and sophisticated, but they’re not impossible to create. 2# MYTH: FACT types of attacks as Android malware including data exfiltration and surveillance.
- 6. Today, iOS malware looks a lot like Android malware in 2010.
- 7. Android malware got its foothold in 2010 when researchers found the first trojan called “FakePlayer” in the wild. A year later, in 2011, we saw the first Android malware in the Google Play store called DroidDream. Thus far, iOS malware has followed a similar pattern with threats appearing in the wild for jailbroken devices, moving to non-jailbroken devices, and finally sneaking into the official App Store
- 8. Android malware got its foothold in 2010 when researchers found the first trojan called “FakePlayer” in the wild. A year later, in 2011, we saw the first Android malware in the Google Play store called DroidDream. Thus far, iOS malware has followed a similar pattern with threats appearing in the wild for jailbroken devices, moving to non-jailbroken devices, and finally sneaking into the official App Store.
- 9. K E V I N M A H A F F E Y Bad guys are rational economic actors. Because Android is so much more popular in the world they're targeting the largest platforms first. Criminals are soon going to double down on iOS with targeted attacks. Kevin Mahaffey, Lookout CTO, predicts that we'll soon see a new wave of iOS attacks that will fundamentally change the iOS threat landscape.
- 10. HACKING TOOLS VULNERA BIL ITIES MALWAR E ! Apps or services that a user employs to jailbreak, or gain root access to the phone, but could be used for malicious means. ! Software holes in the iOS platform that could be exploited to own iOS devices. ! Apps that take user data or negatively impact the device without the user’s knowledge or permission. i O S T H R E A T S T O D A T E What are these threats that can seemingly execute just like Android malware can? We classify iOS threats to date into three different categories:
- 11. i O S T H R E A T S T O D A T E 2009 Ikee First piece of iOS malware. 2010 JailbreakMe A tool that exploited a hole in the iOS PDF reader in order to jailbreak the phone. 2011 Instastock One of the first pieces of “malware” to get into the Apple App Store. Created by researcher Charlie Miller, this proof-of-concept malware looked “safe” during Apple’s review process, but secretly downloaded malicious code after being approved. 2012 Find and Call Find and Call was the first non-POC iOS trojan to get inside the App Store. It silently stole a victim’s phonebook and spammed their friends. The creator claimed this was a software bug. Apple removed it from the App Store.
- 12. i O S T H R E A T S T O D A T E 2013 Evasi0n ! Mactans ! Jekyll and Hyde 2014 Keyboard contents bug ! Xsser mRAT ! Masque Attack A tool that exploited a hole in the iOS PDF reader in order to jailbreak the phone. ! WireLurker A tool that exploited a hole in the iOS PDF reader in order to jailbreak the phone. 2015 XAgent The latest iOS malware. This is surveillanceware that may be part of a broader cyber-espionage campaign.
- 13. STAY SAFE ! Be cautious of clicking links to download applications, don't jailbreak your phone unless you really know what you're doing and, of course, have a security app in place!
- 14. For more mobile security information, follow