YiSpecter

YiSpecter iOS malware that affects both jailbroken and non-jailbroken iOS devices. It is also unique because it abuses private APIs in the iOS system to implement functionality. [1]

ID: S0311
Type: MALWARE
Platforms: iOS
Version: 1.1

Techniques Used

Domain ID Name Use
Mobile T1476 Deliver Malicious App via Other Means

YiSpecter's malicious apps were signed with iOS enterprise certificates issued by Apple to allow the apps to be installed as enterprise apps on non-jailbroken iOS devices.[1]

References