Do I have the AceDeceiver Malware?

Most – if not all – iPhone users can relax…


There’s been a great deal of hubbub over the latest revelation that non-jailbroken iPhones can be breached with a man-in-the-middle (MitM) attack that comes to iDevices via flaws in Apple’s DRM system, FairPlay.

Apple’s FairPlay DRM (digital rights management) system ensures that only authorized users can get access to purchased content (apps, music, movies, etc.) through a given AppleID. However, this MitM attack allows hackers to install malware on iOS devices without a user’s knowledge or consent, bypassing Apple’s security measures.

According to Palo Alto Networks, “In the FairPlay MITM attack, attackers purchase an app from App Store then intercept and save the authorization code. They then developed PC software that simulates the iTunes client behaviors, and tricks iOS devices to believe the app was purchased by the victim.”

While this technique has previously been used just to pirate iDevice apps, this is the first time this particular attack has been used to install and spread malware. Victims first download a Windows program called Aisi Helper, which is supposed to provide jailbreaking, system backup, and device management and cleaning services. Once installed, it installs malicious apps on any and all iDevices that are ever connected to the PC.

From that point forward, the malicious app redirects App Store requests to a malicious store, where your AppleID and password WILL be phished.  So, what does this mean for YOU, the iPhone user right now?

Honestly, not much; and there are two really big reasons why:

  1. Currently, this affects users in China
    … and that’s about it right now. So unless you’re an iPhone user in China, you’re safe, at least for the moment.
  2. This is currently a Windows-only attack
    So, if you’re on a Mac, you’ve got nothing to worry about. It all starts on the desktop, as I noted above. If you’re using a Windows PC, then be vigilant; but again, unless you’re a Windows user who actually uses a Chinese localized version of Windows (and actually resides IN China), you don’t have anything to worry about.
  3. If you’re OTA only
    …Then don’t sweat it at all. If you NEVER connect your iPhone to a Windows machine, like…EVER… then you’re perfectly safe. Apple’s on-device security measures have already covered for this, and you have nothing to worry about.

So, what can you do to protect yourself, if you’ve been to China recently, use a Windows PC, and think maybe you might-could, possibly be infected??  That’s really easy.

  1. Don’t Jailbreak your iPhone
    I know, I know, I know… I said earlier that this attack hit NON-jailbroken iDevices. The whole thing starts, though, on the desktop through the program Aisi Helper. While you may not be interested in its jailbreaking services, it can also be used to back up, and clean cruft from, your iDevice. Here’s a piece of advice – the only thing you need to use to back up your iDevice is iTunes. Period. If you don’t connect to iTunes on your computer through a USB cable and are OTA only, then use iCloud to back up your device. If you think you need to reset your iDevice, then use only Apple-provided tools (iTunes or the Reset functionality in your iDevice’s Settings). Using third-party tools for any of this is just an invitation to trouble.
  2. Uninstall the Desktop Software
    If you have Aisi Helper on your PC, uninstall it. Period. Don’t ever install any third-party tool to back up, clean, or manage content on your iDevice, unless you REALLY trust the developer. And even then, it’s really, REALLY risky.
  3. Run a Virus Scan
    After it’s gone, run a full virus scan with the tool of your choice, and then make sure you quarantine and remove any threats that are found.
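
If you’re not sure whether Aisi Helper is actually on your Windows PC, here is one way to check before step 2. This is an added example, not code from the original article or from Palo Alto Networks; the name pattern `Aisi` and the function name `Find-InstalledProgram` are assumptions made for illustration, and a localized install may register under a different display name.

```powershell
# Added example: list installed programs whose registered name matches the
# tool named in the article, so it can be uninstalled before the virus scan.
$NamePattern = 'Aisi'   # assumption: the DisplayName contains this string

# Standard Windows uninstall-registration locations: machine-wide (64-bit),
# machine-wide (32-bit apps on 64-bit Windows), and the current user.
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Find-InstalledProgram {
    # Hypothetical helper: returns one object per matching uninstall entry.
    param([Parameter(Mandatory)][string]$Pattern)
    foreach ($key in $UninstallKeys) {
        Get-ItemProperty -Path $key -ErrorAction SilentlyContinue |
            Where-Object { $_.DisplayName -match [regex]::Escape($Pattern) } |
            Select-Object DisplayName, Publisher, InstallLocation, UninstallString,
                @{ Name = 'RegistryKey'
                   Expression = { $_.PSPath -replace '^Microsoft\.PowerShell\.Core\\Registry::', '' } }
    }
}

$found = @(Find-InstalledProgram -Pattern $NamePattern)
if ($found.Count -eq 0) {
    Write-Output "No installed program matching '$NamePattern' is registered for this user or machine-wide."
} else {
    # Show where each match lives and the command Windows would use to remove it.
    $found | Format-List
    Write-Output "Found $($found.Count) matching entry(ies): uninstall them, then run the full virus scan."
}
```

This only sees programs that registered an uninstaller, and only the current user’s per-user installs; a copy that was simply unzipped into a folder won’t show up here, which is what the full virus scan in step 3 is for.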

This development is interesting, and keeping an eye out for it on your iDevice, even outside of China (currently the only place where it’s a threat), isn’t a bad idea. However, at this point, for everyone else, this isn’t too big of a deal. The biggest thing you have to keep in mind, though, is that jailbreaking your iDevice is risky, no matter how much you might hate Apple’s walled garden.

While you may not be able to do everything you might want to do with your iDevice in terms of customization and side loading applications, with the threat of malware that steals your personal information that can lead to identity theft, the cool factor and the value in breaking free largely lose their appeal.

What do you think? Is jailbreaking still a thing?  Does it really offer you the options you’re looking for?  Is it too risky?  Do you have a jailbroken iDevice?  Why don’t you meet me in the discussion area below, and let me know?
