April 22, 2014 at 12:11iOS / PSW.SSLCredsThief.A for iOS with jailbreak
A few days ago , information appeared about a malicious code of Chinese origin that targets mobile devices with Apple iOS (iPhone, iPad, iPod) that use jailbreak . The malicious code is a library called Unflod.dylib [ file on VirusTotal ] that intercepts the SSLWrite function in the context of processes running on the OS. SSLCredsThief is listening on outgoing SSL connections. When such a connection is detected, the malicious code tries to steal the transmitted Apple ID and the password used and send them to the remote server in the clear. ESET detects this malicious code as iOS / PSW.SSLCredsThief.A .
When applying the jailbreak operation to an iOS device, it loses the restrictions imposed by the OS on downloading digital content only from the App Store and direct access to the FS. In addition, the user is deprived of the warranty and maintenance by Apple, at least until the original firmware is restored (e.g. via iTunes).
When applying the jailbreak operation to an iOS device, it loses the restrictions imposed by the OS on downloading digital content only from the App Store and direct access to the FS. In addition, the user is deprived of the warranty and maintenance by Apple, at least until the original firmware is restored (e.g. via iTunes).