No chance victims

Monday, February 17, 2020

In the “Random victims” issue, we mentioned the cyber attack on the Federal News Agency. In that publication we highlighted the attackers' ability to target infrastructures in another country. Today, we'd like to draw your attention to a different aspect, namely, the tools that were employed by the attackers.

The infection spread from an ordinary iPhone 7 Plus belonging to an agency employee. A USB data cable was used to connect the device to a PC that had no Internet access. The gadget uploaded malicious files to the computer automatically and gave the attackers remote access to the PC.

Source

Are there malicious programs for iOS?

Classified by Dr.Web as IPhoneOS.PWS.Stealer.1, the malware stole Apple ID credentials on devices compromised by the trojan. IPhoneOS.PWS.Stealer.2... can download and install other applications on the infected smartphones and tablets. The installed apps included those that the trojan would purchase in the App Store automatically at the expense of unsuspecting users.

IPhoneOS.Xsser.1 could steal such confidential information as the contents of the phone book, photos, passwords, SMS messages, the call history, and the device location. IPhoneOS.Cloudatlas.1 could steal such confidential information as the contents of the phone book, photos, passwords, SMS messages, the call history, and the device location.

Source

Programs of this kind are very few in number, which means an iPhone can:

  • Serve as a medium for transferring malware to other devices (like a flash drive);
  • Be compromised so that a targeted attack can be mounted.

If the article we cited at the beginning of this issue described actual events (we have no confirmation of that), then a targeted attack did take place and a specific mobile device was infected to penetrate an office network.

#iOS #mobile #Dr.Web_settings #Office_Control #removable_media

The Anti-virus Times recommends

Criminals who go about designing such software for iOS will most likely make sure that it won't be detected by a corporate anti-virus using malware signatures. But this doesn't imply that anti-viruses are powerless against these threats. For example, Dr.Web Enterprise Security Suite can protect networks from such attacks. To accomplish this:

  • Office Control must restrict employee access to specific files and folders.
  • Employee desktops and laptops should only be able to run trusted applications—to this end, you can use the application whitelist.

And, of course, users should not have the permissions to run applications whose files reside on their mobile devices or appear in their mailboxes.
