New iOS Malware Attacks Users Who Are Jailbroken [AdThief]

There is a report that a new iOS malware attacks users with jaibroken iDevices. The malware is known as AdThief. It infects iPhones and iPad that were jailbroken and become more sensitive to third-party programs which can be installed only when you are jailbroken.

The news comes from Axelle Apvrille who is a security researcher and assures that 75,000+ gadgets are already infected. AdThief malware has a mask. It injects on Apple devices as a Cydia Substrate extension.

This jailbroken iPhone malware attack that also works on iPads doesn’t harm users. It steals income from devs who get advertisement revenues from apps and games. The tool can swap ad identifiers which causes iOS developers lose their income.

jailbroken iphone malware attack

iOS jailbreak malware was first discovered in spring 2014. Apvrille mentions over 20 million mobile ads being hijacked by AdThief so far. It is not clear who has created this AdThief program, but it might be present on your iPhone, iPad and iPod touch if you jailbroke it using Pangu, Evasi0n or p0sixpwn. The program covers advertising networks in China, U.S. and other countries across the world.
Whoever developed this malware for jailbroken iDevices managed to use Cydia Substrate which is present in most jailbreak tweaks to create their tool capable of replacing identifiers of ads with the creator’s.

One name is still associated with the program. Rover12421 from China is believed to stay behind the jailbreak malware AdThief. This hacker is also known as “zerofile” on different forums. However this guy assures that he doesn’t distribute his creation. He says he has only created its prototype and does nothing more.

Don’t use untrusted sources to download applications and games. Cydia store has a lot of trusted repos where you can get hacks and jailbreak tweaks for your iPhone, iPad and iPod. Some malware programs can be dangerous!