Apple has warned iPhone owners not to jailbreak their phones: removing the sandbox protections built into its iOS products leaves the devices vulnerable to malware, and, with the warranty voided, the device becomes useless. But it seems that non-jailbroken iPhones are not so safe after all, because security researchers at Palo Alto Networks Unit 42 have discovered a method used to infect them with malware by exploiting design flaws in the digital rights management technology.
In the past three years, this flaw has been exploited to pirate iOS apps, but only now has it been used to infect iPhones with malware. So how does it work? The author of the malware purchases a legitimate application from iTunes and, while the application is being downloaded, intercepts the authorization code that iOS devices use to authenticate it. After getting their hands on the code, the attackers write a PC program called Aisi Helper, which provides services (system backup, jailbreaking, device management, system cleaning and system reinstallation) for iOS devices. When the user starts the program, it emulates the iTunes client in the background and uses the intercepted authorization code to send infected applications to an iPhone, in secret.
Apple failed to detect three infected applications, but they have since been removed from the App Store, said Claud Xiao, a famous researcher. He also said that “the attack is still viable because the FairPlay MITM attack only requires these apps to have been available in the App Store once. As long as an attacker could get a copy of authorization from Apple, the attack doesn’t require current App Store availability to spread those apps”.
Currently, the malware (“AceDeceiver”) has affected only users in China, but the problem could most likely extend globally if other attackers copy the technique.