Just after the XcodeGhost malware attack died down, Palo Alto Networks identified another piece of malware, called YiSpecter. XcodeGhost only affected non-jailbroken devices, but YiSpecter attacks both jailbroken and non-jailbroken devices. YiSpecter mostly targets iOS users in China and Taiwan. Most of the affected users said YiSpecter was downloaded through porn video advertisements.
What can YiSpecter do?
It can install unwanted applications
It can replace genuine applications
It can display unwanted full-screen applications
It can change all Safari bookmarks and change Safari's default search engine
It can upload device information back to a server
According to malware researchers, this is not the first malware attack to target both jailbroken and non-jailbroken devices. According to Palo Alto researchers, this is not new malware, and it has been affecting devices for over 10 months.
Can YiSpecter be deleted manually?
Unfortunately, users cannot simply delete it manually. Even if you are able to delete it from your device, it will automatically reappear. However, the Palo Alto team found a way to remove YiSpecter from an iOS device.
On the iOS device, go to Settings > General > Profile. If there are any unknown profiles, delete them.
If you see any application named “情涩播放器”, “快播私密版” or “快播0”, delete it.
Install a third-party iOS management tool such as iFunBox on Windows or Mac OS X and connect your iOS device to the computer. Check all installed applications, and if you see any app with a name such as Phone, Weather, Game Center, Passbook, Notes or Cydia, delete it.
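When more than one device has to be checked, the three manual checks above can be run over an exported inventory. The following Python is an added example, not code from Palo Alto Networks or from this article; the inventory format, the approved-profile list and the function names are assumptions, and the sample data is constructed.

```python
import unicodedata

# App names the article says to delete on sight (second check).
KNOWN_BAD_NAMES = {"情涩播放器", "快播私密版", "快播0"}
# Names the article says to delete when they appear in the management
# tool's list of installed apps (third check).
SYSTEM_LOOKALIKE_NAMES = {"Phone", "Weather", "Game Center", "Passbook", "Notes", "Cydia"}


def _norm(name):
    """NFKC folds full-width and compatibility forms; casefold ignores case."""
    return unicodedata.normalize("NFKC", name).strip().casefold()


_BAD = {_norm(n) for n in KNOWN_BAD_NAMES}
_LOOKALIKE = {_norm(n) for n in SYSTEM_LOOKALIKE_NAMES}


def triage(device, approved_profiles):
    """Return (check, item) findings for one device inventory.

    `device` is a hypothetical export of the form
    {"profiles": [...], "installed_apps": [...]}, where installed_apps is
    the app list shown by the management tool (assumed format).
    """
    approved = {_norm(p) for p in approved_profiles}
    findings = []
    for profile in device.get("profiles", []):
        if _norm(profile) not in approved:
            findings.append(("unknown-profile", profile))
    for app in device.get("installed_apps", []):
        key = _norm(app)
        if key in _BAD:
            findings.append(("known-bad-app", app))
        elif key in _LOOKALIKE:
            findings.append(("system-lookalike-app", app))
    return findings


# Constructed sample inventory, not real device data.
SAMPLE = {
    "profiles": ["Corp Wi-Fi", "ExampleUnknownProfile"],
    "installed_apps": ["Maps Helper", "快播0", "ｐｈｏｎｅ ", "Notes", "Calculator+"],
}

if __name__ == "__main__":
    for check, item in triage(SAMPLE, approved_profiles=["Corp Wi-Fi"]):
        print(f"{check}: {item!r}")
```

A finding is a prompt to inspect and delete the item by hand as described above; the script does not remove anything itself.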
How to protect iOS devices from YiSpecter?
Users can protect their devices by updating to iOS 8.4 or above (iOS 9, iOS 9.0.1 and iOS 9.0.2). If you do not want to update the OS version beyond iOS 8.4, do not download any kind of software from untrusted developers.
Difference between YiSpecter and XcodeGhost
XcodeGhost only affected stock iOS devices, while YiSpecter affects both stock and jailbroken iOS devices. So YiSpecter is the first malware to affect both stock and jailbroken iOS devices. XcodeGhost collects data such as the name of the infected application, the device model and type, the user's country, the system language, the network type and the device UDID. YiSpecter does the same things, but additionally installs unwanted applications.
Previous malware attacks
AdThief/Spad – Affected jailbroken iOS devices
FindCall – Affected stock iOS devices
Ikee/Eeki – Affected jailbroken iOS devices
iKeyGuard – Affected jailbroken iOS devices
LBTM – Affected stock iOS devices
MobileSpy/RetinaX/BopSmiley – Affected jailbroken iOS devices
PawnStorm.A – Affected stock iOS devices
PawnStorm.B – Affected jailbroken iOS devices
Riskware/Killmob – Affected jailbroken iOS devices
Toires – Affected stock iOS devices
Trapsms – Affected jailbroken iOS devices
Unflod Baby Panda – Affected jailbroken iOS devices