iOS 11 Virus/Malware

Recently, TrendMicro, a security company, published details of a serious flaw in iOS 11 involving a malicious profile that can harm your phone and temporarily render it inoperable.

The latest Safari on iOS will automatically download a profile if it accepts a server response from a website.

[Images: the profile as a blob object, and how Safari receives it]

An iOS Configuration Profile has many uses, such as enabling “developers to streamline the settings of a huge number of devices, including email and exchange, network, and certificates”. Malicious profiles can abuse this to wreak havoc on your devices by creating unsigned instances of themselves and preventing deletion.

The profile creates the same icon over and over again, filling all the pages up on the phone with useless icons that crash the SpringBoard if clicked.

In order to remove it from your device, you must use Apple’s Configurator tool to manage the installed profiles. It only works on Mac and can fail if the profile was not installed correctly.

A video of this malware in a more weaponized version can be seen here: https://www.youtube.com/watch?v=R7t2YOpiZGI&t=312s

As you can see, you shouldn’t install profiles from unknown sources, as they are capable of messing with the settings and taking advantage of loopholes such as this. Another good practice would be updating your phone to the latest version, but that can also be bad, as seen by this new iOS 11 malware.
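
A triage check a defender could run on a downloaded `.mobileconfig` file before anyone installs it, added here as an example and not taken from TrendMicro or the original post. It assumes the repeated icons are web clip payloads (`com.apple.webClip.managed`), which the post does not state; the sample profiles and their identifiers are constructed.

```python
import plistlib

WEBCLIP = "com.apple.webClip.managed"  # Apple's payload type for home-screen web clips

def extract_plist(data: bytes):
    """Return (profile dict, wrapped?). A signed profile is a DER-encoded CMS
    blob around the XML plist; only the wrapper's presence is checked here,
    the signature itself is NOT verified."""
    wrapped = data[:1] == b"\x30"  # DER SEQUENCE tag
    start, end = data.find(b"<?xml"), data.rfind(b"</plist>")
    if start == -1 or end == -1:
        raise ValueError("no XML property list found (encrypted or not a profile)")
    return plistlib.loads(data[start:end + len(b"</plist>")]), wrapped

def triage(data: bytes) -> list:
    """List the traits the post warns about: unsigned, undeletable, icon spam."""
    profile, wrapped = extract_plist(data)
    findings = []
    if not wrapped:
        findings.append("unsigned profile")
    if profile.get("PayloadRemovalDisallowed"):
        findings.append("profile removal disallowed")
    clips = [p for p in profile.get("PayloadContent", [])
             if isinstance(p, dict) and p.get("PayloadType") == WEBCLIP]
    locked = [c for c in clips if c.get("IsRemovable") is False]
    if locked:
        findings.append(f"{len(locked)} non-removable web clip(s)")
    labels = [c.get("Label") for c in clips]
    if len(set(labels)) < len(labels):
        findings.append(f"{len(clips)} web clips with repeated labels")
    return findings

def build_sample(n_clips: int, removable: bool, removal_disallowed: bool) -> bytes:
    """Constructed test profile (hypothetical identifiers, not the real sample)."""
    clips = [{"PayloadType": WEBCLIP, "PayloadIdentifier": f"example.clip.{i}",
              "Label": "Example", "URL": "https://example.invalid/",
              "IsRemovable": removable} for i in range(n_clips)]
    return plistlib.dumps({"PayloadType": "Configuration",
                           "PayloadIdentifier": "example.profile",
                           "PayloadRemovalDisallowed": removal_disallowed,
                           "PayloadContent": clips})

if __name__ == "__main__":
    for finding in triage(build_sample(5, removable=False, removal_disallowed=True)):
        print("FLAG:", finding)
```

An empty result only means none of these traits were found; it does not establish that a profile is trustworthy.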
