MacRumors reports that a new iOS trojan has been found “in the wild” that can infect non-jailbroken iOS devices through PCs without the need to exploit an enterprise certificate. Named "AceDeceiver," the malware was discovered by Palo Alto Networks and is currently affecting iOS users in China.
What makes AceDeceiver different from previous iOS malware is that instead of abusing enterprise certificates as some iOS malware has over the past two years, it manages to install itself without any enterprise certificate at all. It does so by exploiting design flaws in Apple’s DRM (digital rights management) mechanism, and, even as Apple has removed AceDeceiver from the App Store, it may still spread thanks to a novel attack vector.
AceDeceiver “is the first iOS malware we’ve seen that abuses certain design flaws in Apple’s DRM protection mechanism — namely FairPlay — to install malicious apps on iOS devices regardless of whether they are jailbroken,” says Palo Alto Networks. As mentioned, it looks as though AceDeceiver only affects users in mainland China — for now. The bigger issue, however, is that it’s evidence of another relatively easy way for malware to infect non-jailbroken iOS devices, according to Palo Alto Networks. As a result, it’s likely we’ll see this start to affect more regions around the world, whether by these attackers or others who copy the attack technique, says the research center.