Posts in iOS Malware

DualToy is a Windows Trojan that is used by attackers to download malicious apps onto Android and iOS devices via USB connection. This is also known as “sideloading.” When a computer running Windows OS becomes infected by DualToy, ads begin to appear and browser settings on the system are altered.

Read More
iOS MalwareNJCCICDualToy

X-Agent, also referred to as “Sofacy,” is a remote access toolkit that works against the Android operating system and Apple’s iOS. This malware is known for its association to the state-sponsored hacker group “FANCY BEAR,” also known as “Sofacy” or “APT28,” a group tied to Russian Military Intelligence (GRU).

Read More
iOS MalwareNJCCICX-Agent, Sofacy

In August, Apple pushed an emergency iOS update to patch zero-day vulnerabilities, dubbed Trident. The zero-days include CVE-2016-4655, a memory corruption vulnerability, CVE-2016-4656, a kernel base mapping vulnerability, and CVE-2016-4657, a kernel memory corruption vulnerability that leads to jailbreaking the device. Israeli software company, NSO Group, sold the vulnerabilities and the spyware used to exploit them, called “Pegasus.”

Read More
iOS MalwareNJCCICPegasus

Wirelurker is a mobile Trojan affecting Mac OS X and iOS devices. The malware will infect a Mac device, then lay dormant, waiting for an iOS device to be connected by USB, where it will download itself on to the iOS device through the USB cable. 

Read More

Fusob is a one of the most prevalent forms of mobile ransomware. According to Kaspersky, Fusob represents over 56 percent of mobile ransomware activity between 2015 and 2016. US users make up approximately 11.4 percent of all Fusob victims. For US victims, the ransomware will display a screen with a statement claiming to be from NSA demanding a ransom for illegal actions taken and a criminal case will be opened if the fine is not paid.

Read More