All of those iPhones sold come with a steep downside: iOS’ growing popularity makes it a larger target for malware. On the heels of the fake Xcode malware, there is yet another malware outbreak. This one is also primarily targeted at Chinese and Taiwanese users, but here are some of the details:
YiSpecter consists of four different components that are signed with enterprise certificates. By abusing private APIs, these components download and install each other from a command and control (C2) server. Three of the malicious components use tricks to hide their icons from iOS’s SpringBoard, which prevents the user from finding and deleting them. The components also use the same name and logos of system apps to trick iOS power users.
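For defenders triaging sideloaded apps, two of the traits described above (enterprise signing and borrowed system app names) can be checked statically in an IPA file. The sketch below is an added example, not code from the original post or from the malware analysis; the system app name list, the sample IPA and its `Example Co` / `com.example.weather` values are constructed assumptions.

```python
import io
import plistlib
import zipfile

# Illustrative system app names (assumption; the page names none).
SYSTEM_APP_NAMES = {"phone", "weather", "notes", "game center", "passbook"}

def extract_profile(blob):
    """Pull the XML plist out of a CMS-wrapped embedded.mobileprovision."""
    start, end = blob.find(b"<?xml"), blob.find(b"</plist>")
    if start < 0 or end < start:
        return {}
    return plistlib.loads(blob[start:end + len(b"</plist>")])

def audit_ipa(ipa_bytes):
    """Return findings for every Payload/<App>.app in an IPA archive."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(ipa_bytes)) as ipa:
        for name in ipa.namelist():
            parts = name.split("/")
            if len(parts) != 3 or parts[0] != "Payload" or not parts[1].endswith(".app"):
                continue
            if parts[2] == "embedded.mobileprovision":
                profile = extract_profile(ipa.read(name))
                # Enterprise (in-house) profiles set ProvisionsAllDevices.
                if profile.get("ProvisionsAllDevices") is True:
                    findings.append(f"{parts[1]}: enterprise profile, team {profile.get('TeamName', '?')}")
            elif parts[2] == "Info.plist":
                info = plistlib.loads(ipa.read(name))
                label = str(info.get("CFBundleDisplayName", "")).lower()
                bundle_id = str(info.get("CFBundleIdentifier", ""))
                # A system app name on a non-Apple bundle id is suspicious.
                if label in SYSTEM_APP_NAMES and not bundle_id.startswith("com.apple."):
                    findings.append(f"{parts[1]}: system app name '{label}' with bundle id {bundle_id}")
    return findings

def build_sample_ipa():
    """Constructed sample: a fake IPA with placeholder values."""
    profile = plistlib.dumps({"ProvisionsAllDevices": True, "TeamName": "Example Co"})
    info = plistlib.dumps({"CFBundleDisplayName": "Weather",
                           "CFBundleIdentifier": "com.example.weather"}, fmt=plistlib.FMT_BINARY)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as ipa:
        # Surrounding bytes stand in for the CMS signature wrapper.
        ipa.writestr("Payload/Fake.app/embedded.mobileprovision", b"\x30\x82" + profile + b"\x00sig")
        ipa.writestr("Payload/Fake.app/Info.plist", info)
    return buf.getvalue()

if __name__ == "__main__":
    for finding in audit_ipa(build_sample_ipa()):
        print(finding)
```

An enterprise profile alone is not malicious, since legitimate in-house apps carry one too; the two findings together are what make an app worth a closer look.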