iOS Malware Overview
© by Zack Smith All rights reserved.
How malware reaches your iOS device
Apps using infected libraries
Libraries downloaded as object code can have anything in them, including spyware and other malware. This is one reason why programmers' use of CocoaPods is a bad idea. Sure, CocoaPods saves some time and makes it easier to put new features into apps. But it is like downloading a PDF via BitTorrent. There is a chance of infecting innocent iPhone owners' phones.
Programmers' convenience + users' risk = unethical.
Apps using insecure libraries
At one point recently, many iOS banking apps became vulnerable to MITM attacks because they used AFNetworking, whose default setting was/is to not check that the HTTPS server it connects to really is the one asked for.
The TIFF library has also been attacked, which can be done with a carefully crafted MMS message.
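The check that the AFNetworking item says was skipped, sketched as an added example (not code from AFNetworking or from this page): a certificate can chain to a trusted CA and still belong to a different site, so the client must also match the requested hostname against the certificate's names. The function names, the `check_hostname` flag and the sample certificate names are constructed for illustration, and chain validation is assumed to happen elsewhere.

```python
# Added example: all names and sample data here are constructed for illustration.

def _labels(name):
    return name.rstrip(".").lower().split(".")

def dns_name_matches(pattern, hostname):
    """RFC 6125-style match: exact labels, or '*' as the whole left-most label."""
    p, h = _labels(pattern), _labels(hostname)
    if len(p) != len(h) or "" in p or "" in h:
        return False
    if p[0] == "*":
        # The wildcard covers exactly one label and needs two fixed labels after it.
        return len(p) >= 3 and p[1:] == h[1:]
    # Partial wildcards such as 'w*.bank.example' are rejected outright.
    return "*" not in pattern and p == h

def server_identity_ok(chain_trusted, san_dns_names, requested_host, check_hostname=True):
    """Decide whether a TLS connection may proceed.

    chain_trusted: result of ordinary CA chain validation (assumed done elsewhere).
    san_dns_names: dNSName entries from the leaf certificate's subjectAltName.
    check_hostname=False models a client that skips the identity check.
    """
    if not chain_trusted:
        return False
    if not check_hostname:
        return True  # any CA-issued certificate is accepted, for any host
    return any(dns_name_matches(n, requested_host) for n in san_dns_names)

# Constructed scenario: the app asks for api.bank.example, but the peer presents
# a CA-issued certificate that was issued for an unrelated domain.
REQUESTED = "api.bank.example"
OTHER_SITE_CERT = ["www.unrelated.example", "*.unrelated.example"]
BANK_CERT = ["*.bank.example", "bank.example"]

if __name__ == "__main__":
    for label, sans in (("bank cert", BANK_CERT), ("other site's cert", OTHER_SITE_CERT)):
        for check in (False, True):
            ok = server_identity_ok(True, sans, REQUESTED, check_hostname=check)
            print(f"{label:18} check_hostname={check!s:5} -> {'accept' if ok else 'reject'}")
```

With the check disabled, the unrelated site's certificate is accepted for the bank's hostname, which is the condition that makes a man-in-the-middle position usable.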
Programmers using infected copies of Xcode
XcodeGhost is malware that is injected into apps by an infected copy of Xcode. This mainly affected programming that was outsourced to China like Angry Birds 2. Chinese programmers didn't want to wait for Xcode to download from Apple's server, so they downloaded infected copies from Chinese servers.
Companies' savings (outsourcing) + users' risk = unethical.
Exploits based on installation of enterprise apps
Palo Alto Networks found malware that it dubbed YiSpecter, which does just this.
Malware getting loaded via a secondary app store
ZergHelper appeared to Apple's app reviewers in California to be an English tutoring app. However, whenever the app was run in China, it provided a secondary app store to run pirated iOS apps, which were signed with certificates not originating from Apple but accepted by iOS anyway.
Infection by malware on your Windows PC via USB
Palo Alto Networks discovered AceDeceiver, which does exactly this.
Infection by malware on your Mac via USB
Palo Alto Networks discovered WireLurker, which does exactly this.
Drive-by exploits (you visit an infected website)
This has been known to affect iOS. Wikipedia article