According to Palo Alto Network many iOS device is infected with this new iOS malware which exploit the flaws of Apple DRM. AceDeceiver is the name of the new iOS malware. However malware in iOS device is very rare, because Apple iOS device is mean to safest device among all available device. We have seen many Android malware since 2010 and we have to still face the attack of malware on some of Android device. This AceDeceiver iOS malware have successfully attacks number of non-jailbroken iOS device.
According to Palo Alto Networks “AceDeceiver is the first iOS malware, we have seen that the abuse of some design flaws in the mechanism of DRM protection Apple, namely – FairPlay – to install malicious applications on Cisco devices IOS, regardless if they are attacked. This technique is called “FairPlay Man-in-the-middle (MITM) ‘… Apple allows users to buy and download the IOS app from the iTunes App Store through your customer work on your computer. then you can use computers to install applications your Cisco IOS devices. IOS system device will request an authorization code for each installed in order to demonstrate effectively purchased application application. in the attack FairPlay MITM, criminals buy the application from the App Store, then take and maintain the authorization code. then developed the software PC software, which simulates the behavior of iTunes customers, and tricks of IOS device to trust the application was purchased by the victim. Thus, the user can install the application, never paid, and the software maker can install potentially malicious applications without the user’s knowledge. “
The Apple store provide number of apps that the iOS user use to install it. The user can also use their system to install apps on their iOS devices. An iOS device will request an authorization code for each installed application to test the application was actually purchased. In the attack FairPlay MITM, attackers purchase the app from App Store, and then intercept and save the authorization code. They then developed a software for PC that simulates the behavior of the client ITunes and Cisco IOS devices tricks to believe that the application was purchased by the victim. Thus, the user can install applications that are in fact never paid, and creator software can be installed potentially malicious applications without the knowledge of user’s.
In AceDeceiver there is different types of iOS apps that were uploaded in the official App Stores. All of these apps get successfully omit code using similar ZerdHelper methods. In this case AceDeceiver iOS malware shows vicious behaviors. But its good to hear that Apple have removed these apps from the App Stores after rapid blame from the number of the users.