iOS / PSW.SSLCredsThief.A for iOS c jailbreak
A few days ago , information appeared about a malicious code of Chinese origin, which is targeted at mobile devices with Apple iOS (iPhone, iPad, iPod), for which jailbreak is used. Malicious code is a library called Unflod.dylib [ file on VirusTotal ], which performs the interception of the SSLWrite function in the context of processes running on the OS. SSLCredsThief listens for outgoing SSL connections. When such a connection is detected, the malicious code attempts to steal the Apple ID and password used and send them to the remote server in clear text. ESET detects this malicious code as iOS / PSW.SSLCredsThief.A .
When applying the jailbreak operation to an iOS device, it loses the restrictions imposed by the OS on downloading digital content only from the App Store and direct access to the file system. In addition, the user is deprived of Apple’s warranty and maintenance, at least until the original firmware is restored (eg, via iTunes).
When applying the jailbreak operation to an iOS device, it loses the restrictions imposed by the OS on downloading digital content only from the App Store and direct access to the file system. In addition, the user is deprived of Apple’s warranty and maintenance, at least until the original firmware is restored (eg, via iTunes).
')
Source: https://habr.com/ru/post/220353/
All Articles