YiSpecter: Does Our Attitude to Apple Security Need An Update?

28
Oct
Chris Thornton

Written by Chris Thornton, 28 October 2015

There's a public perception that Apple products are less affected by cyber-threats than other devices... but does our attitude to Apple security need an update?

Despite a number of highly publicised security breaches in recent years, Apple products have retained a robust reputation as being 'safer' from cyber-threats than their PC counterparts. In fact, the company's mantra used to boast that OS X just "doesn't get PC viruses", or that users could "Safeguard your data. By doing nothing". Despite a few wobbles, the public, for the most part, went along with the idea that Apple enjoyed a level of virus immunity....

Those boasts disappeared, however, in 2012 when thousands of Macs were infected by the 'Flashback' malware - and in 2013, when Apple employees saw their own computers hacked using vulnerabilities in their own website. The breaches not only damaged Apple's pristine reputation but acted as a wake-up call to users who had been blissfully unaware of potential threats - the official company line was even changed to: "It's built to be safe"

Hiding In Plain Sight

One of the most widespread threats to Apple users came this year, in the form of the 'YiSpecter' iOS malware. Thought to have originated in China, YiSpecter had been lurking undetected for around 10 months... and once downloaded it can wreak havoc: replacing or hijacking apps, changing Safari's search settings and bookmarks and uploading user data to malicious servers. Most worryingly, YiSpecter can even infect iPhones that haven’t had their iOS tampered with (known as jail-breaking).

The YiSpecter outbreak is a stark warning that many of the threats to Apple devices have been hiding in plain sight, and perhaps taking advantage of the public’s 'virus resilient' perception that surrounds the company's products. 

Serious Security Threats

Recent developments suggest we need to change that attitude. A study by Purdue University discovered 146 apps in the App store which violated Apple's own regulations and presented serious security threats. Back in September, Palo Alto Networks, who discovered YiSpecter, also uncovered the XcodeGhost malware, which had affected hundreds of legitimate OS X and iOS apps.

While the XcodeGhost problem was (mostly) confined to the Far East, it represents another startling weakness in Apple's supposedly robust security. YiSpecter is especially dangerous to businesses since its delivery method matches the way many organisations deliver apps to employee devices.

Don't Panic... Yet

It isn't time to throw your iPhone into the ocean just yet. Like XcodeGhost, YiSpecter is, so far, only affecting users in China and Taiwan, and Palo Alto have released countermeasures in early October to deal with it and remove. Apple is also aware of the threat and has addressed the vulnerabilities.

These incidents should remind Apple users - especially those of us who use their products for business - that security begins at home. The safety of your devices and networks are factors eminently within your control, and there are basic measures we can take to protect ourselves:

  • Updates: Ensure your device's operating system is up to date. Apple addressed the Yispecter threat in iOS 8.4 (and higher) and to keep out of the clutches of future malware threats, you should keep your software updated.
  • Java: Since it's notorious for its vulnerabilities, the Java software platform should be uninstalled or at the very least deactivated in your browser, unless you absolutely need it.
  • App Store: Be extremely careful with apps that don't originate in the App Store. Your business may require the download of non-App Store apps, but in all other contexts use OS X's Gatekeeper software to warn of potential threats.
  • Antivirus: Whatever you've heard about the resilience of Apple devices, running antivirus software for Mac won't hurt you and will offer a valuable extra level of protection. 

Has your Apple device fallen foul of a malware attack? Get in touch below if you need more advice on keeping your Apple products safe...

Business Continuity: Too Important To Ignore

Despite numerous high profile incidents, research shows that small businesses are ignoring the importance of business continuity... but why?

Breaking News: How Can You Protect Yourself Against the TalkTalk Hack?

Earlier today, it was revealed that national consumer broadband provider TalkTalk had suffered a “significant” cyber-attack. Shackleton’s Senior Technical Manager, Chris Thornton, investigates…