Apple iPhones Attacked by Fake Porn App Malware

Until now, you had to jailbreak an iPhone or iPad (or sync it with an infected Mac) to make it vulnerable to the same sort of Trojanized apps that plague Android users. But now, a newly discovered piece of malware known as YiSpecter can display ads on your iPhone's screen, steal information about your device and install other apps on most or all iOS devices.

You don't need to jailbreak your iPhone or iPad for it to be vulnerable to YiSpecter. According to the Santa Clara, California-based security firm Palo Alto Networks, YiSpecter — currently spreading across the Chinese-speaking world — is baked inside a streaming-video app that promises free pornographic video content and installs through an unofficial side-loading process.

YiSpecter installs on non-jailbroken devices by leveraging iOS enterprise certificates, which Apple issues to corporations that create in-house iOS apps for employee use, and the "private" application programming interfaces (APIs) used by enterprise apps. It is currently functioning as not-terribly-malicious adware, Palo Alto Networks said, but has the power to do much more, including loading more malicious apps. YiSpecter will reappear if users attempt to delete it.
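An app signed with an enterprise certificate carries a provisioning profile that marks it as installable on any device, which is what lets it bypass the App Store. The following is an added example, not code from the article or from Palo Alto Networks: it classifies a profile (the `embedded.mobileprovision` file inside an app bundle) by Apple's `ProvisionsAllDevices` and `ProvisionedDevices` keys and flags enterprise-signed apps from teams outside an organization's allowlist. The `approved_teams` allowlist and the sample profile are assumptions constructed for illustration.

```python
import plistlib

# Constructed sample: the plist payload of a provisioning profile, wrapped in
# placeholder bytes standing in for the CMS signature envelope around it.
SAMPLE_PROFILE = (
    b"\x30\x82\x00\x00CMS-HEADER-PLACEHOLDER"
    b'<?xml version="1.0" encoding="UTF-8"?>\n'
    b'<plist version="1.0"><dict>'
    b"<key>TeamName</key><string>Example Corp (constructed)</string>"
    b"<key>ProvisionsAllDevices</key><true/>"
    b"<key>Entitlements</key><dict><key>get-task-allow</key><false/></dict>"
    b"</dict></plist>"
    b"CMS-TRAILER-PLACEHOLDER"
)

def extract_profile(blob: bytes) -> dict:
    """Pull the XML plist out of the signed profile without verifying the signature."""
    start = blob.find(b"<?xml")
    end = blob.find(b"</plist>", start)
    if start == -1 or end == -1:
        raise ValueError("no plist payload found in profile")
    return plistlib.loads(blob[start:end + len(b"</plist>")])

def classify(profile: dict) -> str:
    """Map profile keys to the distribution channel the app was signed for."""
    if profile.get("ProvisionsAllDevices") is True:
        return "enterprise"      # in-house profile: installs on any device
    if "ProvisionedDevices" in profile:
        debug = profile.get("Entitlements", {}).get("get-task-allow", False)
        return "development" if debug else "ad-hoc"
    return "app-store"           # no device list and no all-devices flag

def review(blob: bytes, approved_teams: set) -> dict:
    """Flag enterprise-signed apps whose team is not on the (hypothetical) allowlist."""
    profile = extract_profile(blob)
    kind = classify(profile)
    team = profile.get("TeamName", "<unknown>")
    flagged = kind == "enterprise" and team not in approved_teams
    return {"kind": kind, "team": team, "flagged": flagged}

if __name__ == "__main__":
    print(review(SAMPLE_PROFILE, approved_teams=set()))
```

The check reads the profile's claims only; it does not validate the signing certificate chain, so treat it as triage for an app inventory rather than proof of origin.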

YiSpecter may in fact be the first clear-cut example of deliberately designed non-jailbroken iOS malware reported in the wild. Last year's WireLurker Trojan was arguably earlier, but iOS devices were infected by WireLurker only after being connected via a USB cable to "trusted" Mac OS X computers that had already been infected by the same malware.

Last month's widely reported outbreak of possibly malicious apps in the official Apple App Store was due to a corrupted version of Xcode, Apple's software-development kit, being provided to Chinese developers.

Palo Alto Networks claims that YiSpecter is not alone in taking advantage of private APIs. The security firm said more than 100 apps that used private APIs not documented by Apple had been found in Apple's App Store.

According to Quartz, "a source close to the matter" (possibly an Apple employee) said the flaw exploited by YiSpecter has been patched in iOS 9. Apple did not immediately respond to a request for comment from Tom's Guide.

Copyright 2015 Toms Guides, a Purch company. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.