Apple malware affects mostly Chinese users - dan1234
http://m.bbc.co.uk/news/technology-29928751

======
0x0
A more informative technical explanation is given here:
[http://www.zdziarski.com/blog/?p=4140](http://www.zdziarski.com/blog/?p=4140)

TL;DR: Pirated OS X apps with components that listen for iPhone USB
connections, which then gather some metadata from the phone, and if the phone
is jailbroken, it also grabs actual data (iMessages etc.) by uploading an iOS
backdoor component that hooks onto the commonly installed MobileSubstrate
jailbreak helper.

Also, for non-jailbroken iPhones, it uses an enterprise ad hoc distribution
certificate to install additional iOS apps which apparently have been
backdoored - the article doesn't specify which apps, but apparently there's a
risk that one could replace well-known apps like Facebook by using the same
bundle ID as the legit ones. I guess the user will be prompted on first run to
accept the enterprise cert.

All in all it doesn't appear to exploit any vulnerabilities, just using
existing features for what they are worth.

~~~
dan1234
Is this the first time there's been a credible attack against non-jailbroken
phones?

~~~
0x0
Doubtful, and iOS 7 (and 8) tightened up on pairing, probably because of the
scare of leaking data when charging with an untrusted USB peer. But maybe one
of the first high-profile, mass-distributed ones?

Also, don't forget that jailbreaking _itself_ by definition proves the
possibility of attacking a non-jailbroken device via USB (or sometimes, even
via the web in Mobile Safari). The fact that you get a visible Cydia app icon
and optionally an SSH daemon with a known root password just means this time
the attacker (hopefully, _you_) was benevolent.

~~~
Osmium
> Doubtful, and iOS 7 (and 8) tightened up on pairing

They could still do more. It would be nice to be able to see an editable list
of trusted devices. At the moment, on first connection, a "do you trust this
computer?" prompt comes up. If you select "trust", to my knowledge there's no
way to then revoke that trust. Additionally, there's no "don't ask me again"
button, so if you do use your device with an untrusted computer you have to
be careful to never accidentally click the "trust" button every single time
you plug it in (e.g. if you want to charge but don't want to sync).

~~~
quesera
You can revoke _all_ pairing trusts (on iOS 8, at least) with:

    Settings > General > Reset > Reset Location & Privacy

AFAIK there is no UI for individual pairing management, but I think the full
reset is completely safe/non-destructive otherwise -- just re-pair on the
machines you do trust, and everything continues as usual without data loss or
huge resync, etc.
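The two comments above concern the device side, which offers no per-host trust list. The host keeps its own half of each pairing, so auditing that side is one way to see which devices a Mac has been trusted by. This is an added example, not code from the thread; it assumes macOS stores pairing records as /var/db/lockdown/<UDID>.plist with keys such as HostID, SystemBUID and WiFiMACAddress, and the sample records it writes are constructed.

```python
import os
import plistlib
import tempfile
from datetime import datetime, timezone

# Assumption (not stated in the thread): macOS stores one pairing record per
# trusted iOS device as /var/db/lockdown/<UDID>.plist, with keys such as
# HostID, SystemBUID and WiFiMACAddress. Reading the real directory needs root.
LOCKDOWN_DIR = "/var/db/lockdown"


def audit_pairing_records(lockdown_dir=LOCKDOWN_DIR):
    """One dict per pairing record in lockdown_dir, sorted by UDID. The UDID
    comes from the file name, HostID is the host identity the device agreed to
    trust, and the file mtime approximates when the pairing happened."""
    findings = []
    for name in sorted(os.listdir(lockdown_dir)):
        if not name.endswith(".plist"):
            continue
        path = os.path.join(lockdown_dir, name)
        with open(path, "rb") as fh:
            try:
                record = plistlib.load(fh)
            except plistlib.InvalidFileException:
                continue  # unreadable file: report nothing rather than guess
        if "HostID" not in record:
            continue  # a plist in the directory that is not a pairing record
        findings.append({
            "udid": name[:-len(".plist")],
            "host_id": record["HostID"],
            "system_buid": record.get("SystemBUID"),
            "wifi_mac": record.get("WiFiMACAddress"),
            "paired_at": datetime.fromtimestamp(os.path.getmtime(path), timezone.utc),
        })
    return findings


def build_sample_lockdown_dir():
    """Constructed data: two fake pairing records (made-up UDIDs and IDs, no
    certificates) written to a temp dir so the audit runs without a Mac."""
    tmp = tempfile.mkdtemp()
    host, buid = "A1A1A1A1-0000-4000-8000-000000000001", "B2B2B2B2-0000-4000-8000-000000000002"
    fake = {
        "00008020-000A1B2C3D4E5F60": {"HostID": host, "SystemBUID": buid,
                                      "WiFiMACAddress": "02:00:00:aa:bb:cc"},
        "00008030-001122334455667A": {"HostID": host, "SystemBUID": buid},
    }
    for udid, record in fake.items():
        with open(os.path.join(tmp, f"{udid}.plist"), "wb") as fh:
            plistlib.dump(record, fh)
    return tmp
```

Run `audit_pairing_records()` with no argument (as root) to list the real records; a device you no longer recognise there is a candidate for the reset quesera describes.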

------
marak830
The Chinese government denied the claims and was backed by state-owned
internet provider China Telecom, which said the accusation was "untrue and
unfounded".

I can't quite put my finger on it, but an ISP chiming in and saying it wasn't
the government just strikes me as weird.

------
purpletoned
What about slightly Chinese users? Are they immune to the malware?