For almost a year, Chinese hackers have leveraged a novel one-two punch to compromise iOS devices, including non-jailbroken iPhones, then seed them with adware, a security company said today.
The malware, dubbed "YiSpecter," was written in China by Chinese hackers, and whatever on-screen text it displayed was in Chinese, said Ryan Olson, director of the Unit 42 threat intelligence unit at Santa Clara, Calif.-based Palo Alto Networks, in an interview. The malware was distributed almost exclusively in the People's Republic of China (PRC) and Taiwan.
Palo Alto's Claud Xiao was the prime researcher behind the discovery of YiSpecter's capabilities. Xiao has been on a roll of late: He was also a driver behind the analysis of XcodeGhost, another adware campaign that used a different-but-just-as-unusual infection vector.