Recently, a new malware for iOS devices was discovered, apparently part of the Pawn Storm operation. We've investigated. Update 2015/02/19: The BuildMachineOSBuild is actually shared with 9 other Mac devices, so the author may also have been working on a MacBook Air 11'', MacBook Pro 15'', etc. The following features of Pawn Storm apparently do not require a jailbreak: getting phone info (device model, etc.), testing for the existence of a jailbreak, listing running processes, getting wifi status, geolocation. Some other features don't...
by Axelle Apvrille  |  Feb 13, 2015  |  Filed in: Security Research
With our FortiGuard Labs reporting that 96.5% of all mobile malware is Android based, it would be easy to see why someone might opt for an iPhone. But, users beware. Don't write off iOS as the secure alternative to Android just yet! Despite Android malware being nearly an epidemic, or as Tim Cook referenced, "a toxic hellstew", iOS is not immune. Before somebody asks me (again) whether there is any iOS malware or not, I decided to consolidate the information for you. Hope this helps you, and keeps your (i-) phones secure :) Name Discovery...
by Axelle Apvrille  |  Jun 09, 2014  |  Filed in: Security Research
Unless you're on a trek in the Himalayas, by now you've probably heard one way or another that the infamous "Jailbreakme" website is back to free iPhones (including iPhones 4 running iOS 4.0.1) and iPads: it's just everywhere on the web, even with videos and tutorials. However, fewer resources address the technical aspect of jailbreaking. You might have found out that the online jailbreaking tool is resorting to a drive-by-script exploiting a 0-day vulnerability. We'll try to provide a few other technical findings below. First, let's connect...
by Axelle Apvrille  |  Aug 05, 2010  |  Filed in: Security Research
Unless you have been cut off from the net this last week, you probably know by now that iPhones are facing their first set of malware (first? Well, actually, not quite, as we have already detected spyware for iPhones): it's just all over the web. This malware targets jailbroken iPhones whose default root password ('alpine') hasn't been changed. Consequently, most people remind/advise iPhone owners to customize root's password or not to jailbreak their iPhone. This is correct, but it is nonetheless worth adding that: all passwords should be customized:...
by Axelle Apvrille  |  Dec 02, 2009  |  Filed in: Security Research