Solutions

YiSpecter: Another iOS Malware That Attacks Non-jailbroken Apple iOS Devices

It’s been less than 3 weeks since Unit 42 from Palo Alto published its findings on the iOS XcodeGhost malware that infected 39 apps in the Apple App Store. And they’re at it again! This time Unit 42 has published findings on the YiSpecter malware, which uses many attack vectors; its key differentiator is the use of Enterprise certificates & private APIs to carry out the attack.

This level of sophistication is usually associated with an Advanced Persistent Threat (APT) rather than a simple infection, but since the Apple App Store has very strict checks, I guess they have to go to this level of sophistication in order to infect non-jailbroken devices.

Now I’m not saying that this malware company (YingMob Interaction) is really good, but they did “go the extra mile” to ensure a successful widespread infection by borrowing APT techniques published over the past 5 years.

In summary, YiSpecter mainly targets iPhone & iPad users in China & Taiwan, so maybe the hackers only target Simplified Chinese language users. The infection starts from infected websites, Windows-based IM platforms like Tencent’s QQ Chat, and forums where malicious HTML files are posted & displayed on the target’s iOS screen.

On iOS 8 devices, if the user clicks on the dialog box to allow downloading the app, it is automatically installed because it is signed with a stolen but valid Enterprise certificate. On iOS 9, you have to switch on the permission to install Enterprise apps, so new users are protected. However, if you’ve upgraded from iOS 8, it’s likely you’re still infected because YiSpecter is self-preserving, can spread the infection as part of a botnet and is hidden from the user.

I won’t go into the mechanism of the infection because it’s too technical for average users. You can find the link to the original Palo Alto notice at the end of the article.

To clean the infection, do the following:

  1. In iOS, go to Settings -> General -> Profiles to remove all unknown or untrusted profiles;
  2. If there are any installed apps named “情涩播放器”, “快播私密版” or “快播0”, delete them;
  3. Use any third-party iOS management tool (e.g., iFunBox, though note that Apple’s iTunes doesn’t work in this step) on Windows or Mac OS X, to connect with your iPhone or iPad;
  4. In the management tool, check all installed iOS apps; if any apps have names like Phone, Weather, Game Center, Passbook, Notes, or Cydia, delete them. (Note that this step won’t affect the original system apps; it just deletes the fake malware apps.)
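
As a triage aid for steps 2 and 4, here is an added example (not code from the original article or from Palo Alto) that scans an app inventory for the names listed above. The CSV columns, the sample rows and the rule that a genuine system app carries a `com.apple.` bundle ID are assumptions of this sketch.

```python
import csv
import io
import unicodedata

# Display names listed in step 2 of the cleanup procedure.
KNOWN_MALICIOUS_NAMES = {"情涩播放器", "快播私密版", "快播0"}
# System-app names listed in step 4 that the fake apps reuse.
IMITATED_SYSTEM_NAMES = {"Phone", "Weather", "Game Center", "Passbook", "Notes", "Cydia"}
# Assumption of this sketch: genuine Apple apps carry a com.apple.* bundle ID.
APPLE_PREFIX = "com.apple."


def normalize(name):
    """Fold case, full-width forms, padding and invisible format characters."""
    folded = unicodedata.normalize("NFKC", name)
    visible = "".join(ch for ch in folded if unicodedata.category(ch) != "Cf")
    return " ".join(visible.split()).casefold()


_MALICIOUS = {normalize(n) for n in KNOWN_MALICIOUS_NAMES}
_IMITATED = {normalize(n) for n in IMITATED_SYSTEM_NAMES}


def classify(display_name, bundle_id):
    """Return a reason string if the app should be reviewed, else None."""
    key = normalize(display_name)
    if key in _MALICIOUS:
        return "name listed in step 2"
    if key in _IMITATED and not bundle_id.lower().startswith(APPLE_PREFIX):
        return "system-app name on a non-Apple bundle ID (step 4)"
    return None


def triage(inventory_csv):
    """Scan 'display_name,bundle_id' rows and return the flagged ones."""
    flagged = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        reason = classify(row["display_name"], row["bundle_id"])
        if reason:
            flagged.append((row["display_name"], row["bundle_id"], reason))
    return flagged


# Constructed sample inventory; the non-Apple bundle IDs are made up.
SAMPLE = (
    "display_name,bundle_id\n"
    "Phone,com.apple.mobilephone\n"
    "Phone,invalid.example.app1\n"
    "Ｎｏｔｅｓ\u200b,invalid.example.app2\n"
    "快播0,invalid.example.app3\n"
    "Weather Pro,invalid.example.forecast\n"
    "Game  Center,invalid.example.app4\n"
)

if __name__ == "__main__":
    for name, bundle_id, reason in triage(SAMPLE):
        print(f"{bundle_id}: {name!r} -> {reason}")
```

The name comparison is exact after normalization, so a legitimate third-party app such as "Weather Pro" is not flagged, while padded, full-width or zero-width-character variants of a system name are.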

Source:
YiSpecter: First iOS Malware That Attacks Non-jailbroken Apple iOS Devices by Abusing Private APIs

[Chinese version] Malware XcodeGhost Infects 39 iOS Apps, Including WeChat, Affecting Hundreds of Millions of Users

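Palo Alto’s Unit 42 finds that malware XcodeGhost infects 39 iOS apps, including WeChat, affecting hundreds of millions of users.

Many of the affected companies have now updated their official Apple IDE and republished their apps. Please update the affected software; if you can’t update an app, it’s better to temporarily delete it.

Be sure to change your app passwords and AppleID password, because these passwords may already have been stolen by hackers.

The following is the list published by Palo Alto & FOX-IT.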

网易云音乐  2.8.3
微信  6.2.5
讯飞输入法  5.1.1463
滴滴出行  4.0.0.6-4.0.0.0
滴滴打车  3.9.7.1 – 3.9.7
铁路12306  4.5
下厨房  4.3.2
51卡保险箱  5.0.1
中信银行动卡空间  3.3.12
中国联通手机营业厅  3.2
高德地图  7.3.8
简书  2.9.1
开眼  1.8.0
Lifesmart  1.0.44
网易公开课  4.2.8
马拉马拉  1.1.0
药给力  1.12.1
喜马拉雅  4.3.8
口袋记账  1.6.0
同花顺  9.60.01
快速问医生  7.73
懒人周末
微博相机
豆瓣阅读
CamScanner
CamCard
SegmentFault  2.8
股公开课
股市热点
新三板
滴滴司机
OPlayer  2.1.05
电话归属地助手  3.6.5
愤怒的小鸟2 2.1.1
夫妻床头话  1.2
穷游  6.6.6
我叫MT  5.0.1
我叫MT 2  1.10.5
自由之战  1.1.0
Mercury
WinZip
Musical.ly
PDFReader
guaji_gangtai en
Perfect365
网易云音乐
PDFReader Free
WhiteTile
IHexin
WinZip Standard
MoreLikers2
CamScanner Lite
MobileTicket
iVMS-4500
OPlayer Lite
QYER
golfsense
同花顺
ting
installer
下厨房
golfsensehd
Wallpapers10000
CSMBP-AppStore
礼包助手
MSL108
ChinaUnicom3.x
TinyDeal.com
snapgrab copy
iOBD2
PocketScanner
CuteCUT
AmHexinForPad
SuperJewelsQuest2
air2
InstaFollower
CamScanner Pro
baba
WeLoop
DataMonitor
爱推
MSL070
nice dev
immtdchs
OPlayer
FlappyCircle
高德地图
BiaoQingBao
SaveSnap
WeChat
Guitar Master
jin
WinZip Sector
Quick Save

Malware XcodeGhost Infects 39 iOS Apps, Including WeChat, Affecting Hundreds of Millions of Users

Unit 42 finds that malware XcodeGhost infects 39 iOS apps, including WeChat, affecting hundreds of millions of users.

Update your software now as many of the affected developers have updated their official Apple Xcode IDE, which is NOT affected, and republished their apps. If you can’t update the app, it’s better to temporarily uninstall it.

Also make sure to change your app passwords and AppleID password as they are likely being phished by hackers.

Source: Malware XcodeGhost Infects 39 iOS Apps, Including WeChat, Affecting Hundreds of Millions of Users

Opinions

How Microsoft should market Windows Phone 8

Windows Phone 8 looks like it’s good enough to take on iPhone 5 & Android Phones running Jelly Bean but it means nothing if Microsoft is not able to get it into people’s hands. In order to do that, they need to market, market, market WP8 phones with all their money! Here’s my opinion on how they can approach the market.

MS should do what Apple always does. Emphasize the strong benefits of the OS. This kind of marketing CAN change people’s perspective. The important thing is not to belittle the competitors, just say we’re better. Emphasize the BENEFITS (user scenario) as much as possible.

As an example, the #smokebywindowsphone strategy has worked to a certain extent, but MS should have made a big TV campaign that says WP7 is single-core, so what? We’re still faster than a Quad-core smartphone (cue Nokia Lumia 800 overshadowing Samsung Galaxy S3 in capturing a FUN or embarrassing moment, then Tag the victim & upload it to Facebook). All done in 10 seconds before the victim even has a chance to stop you.

Then do another Ad that says WP8 has 100,000 apps while others have more than 600,000. So what? Our apps are actually useful & beautiful in bold “Windows 8” style that’s easy on your eyes (cue HTC 8X’s camera app + CNN + Weave, in app & on Live Tiles, etc., then show Motorola RAZR HD succumbing to a virus).

And most importantly, something like WP7/8 connects you to your most important (anything), then show HTC 8S showing Me Hub, People Hub, Group updates, Picture Hub, Notification & What’s New filtered according to Facebook, Twitter or All. End with a tagline to the effect that WP8 helps you run your life, not be overrun by it. Then show Apple’s rows & columns of icons scrolling aimlessly.

These Ads should be designed to evoke desire & emotion. Make it look fun & easy. Show off the integration & speed, show people are able to get BACK to their important, their lives, their friends & family or their work made easier. No talking in these ads please! The “Really” campaign didn’t work because people don’t get it.

Getting celebrities to show off these phones is another great way to promote the platform. Jessica Alba was recently spotted with a Cyan Nokia Lumia 900. Why not get her to spearhead a North American or even Worldwide campaign? Do it with glitz & glamour like how they sell fashion or cars. It’s about the concept & association, not the product. You want WP8 to look cool when engaging Star power.

Nokia Lumia ads circa 2011-2012 are going in the right direction with everyday people using their phones for important parts of their everyday lives but it’s time to actually show how these features will benefit the average person, which will reduce the comparison with Android & iOS. Currently, most people still don’t “get” Live Tiles & Hubs.

Do mini-ads that emphasize a particular hub, like how Apple likes to showcase their improvements in lovely ads even if it’s so minor, like a fifth row on their screen due to the longer form factor. Not a big deal you say? But it means more screen to show stuff & being able to watch movies in letterbox format.

For example, for the Me Hub, introduce the individual functions like FB Check-in, a central Notification for ALL communications associated with Me, the What’s New page showing what I’ve posted on all the different social media.

Or the People Hub that shows all the things you could do with other People’s posts on all the different social media including traditional calling/VoIP & SMS/IM + an integrated History page that shows you how you’ve interacted with this person all in 1 page.

There’s also the oft-overlooked Picture Hub & for businessmen & students, the Office Hub.

As for OEM specific stuff, things like the OIS camera on the Lumia 920, they should totally reshoot that girl on the bicycle with a Lumia 920 to shut all the critics up & put boldly in the Ad “Shot with Lumia 920” like those Canon DSLR ads. Never mind if they have to NG 200 times… Then purposely zoom in when they pass by a mirror to show the guy holding the Lumia 920… sorta like giving the middle finger to all doubters. But I recommend a change of venue to one a couple will actually go to for a date, like a park or the beach. Not some dock…

The NFC? Samsung ad showing the SGS3 with the guy proposing to a girl thru glass using NFC to transfer his video proposal. Fantastic idea! MS or Nokia should totally rip off this idea! Maybe get Samsung to do that with their ATIV S as well but maybe at a fancy restaurant to avoid confusion with the Galaxy S3. After the girl saw the vid, get the guy to flash the ring & the restaurant comes alive with confetti or something. Some good old-fashioned feel-good vibe for the shy guys among us.

Wireless charging? Show a guy playing Angry Birds or a sports game at an Airport lounge with wireless charging built into the table until he misses his flight because his battery never dies. Make it funny, make him grow a beard & long hair with the clock racing in the back… When he finally finishes the game or when someone demolishes the lounge, he’s now in a space-port with spaceships rocketing by…

Make sure these ads are targeted at the correct audience in the correct media. This part, MS got it but they need to do more in each demographic they’re targeting.

I could go on & on but end of the day, the ads that people remember are those that evoke emotion in them & buyers buy based on emotion (with the salesperson being the final push). Or for the Japanese market, something so absurd, people will remember it as well.

I’m getting a sense that people are starting to notice WP, now we just need to swing them to our side of the pendulum.

Lastly, MS & their distribution channels must train the sales-force well enough so they can be genuinely excited by the possibilities with WP8. And I’m talking worldwide here.

After Oct 26 2012, if there’s new integration of Windows 8, Windows RT & Xbox 360 with WP8, they should totally emphasize that integration as well come the Oct 29 2012 WP8 launch.

Samsung losing patent case is Good for consumers!

So the jury has ruled that Samsung has lost the patent case against Apple.

Apple, as expected, is on the victory march & Samsung has come out with a sourpuss response that “consumers will be hurt.” Samsung lawyers are obviously misguided.

Firstly, I’m for innovation & being paid for my ideas. I used to develop software with GUI meant for people with zero computer experience. Thus, I do admire iOS simplicity despite the fact that I wouldn’t develop for it. (That’s another story).

I remember a time when Linux advocates were criticising MS OS/software as bloated. Many of these developers probably aren’t programming for ease-of-use. It was extremely tedious to develop software that is intelligent enough to accept inconsistent user input or to accept errors & NOT crash. It takes a lot of error checking & data shaping at the point of user input & MS software does this very well. It also takes a lot of thought into how the user will interact with the GUI to ensure it’s not annoying to use due to constant error prompts ruining the experience. Having lots of graphics also makes software bigger & somewhat slower.

Of course, these days, all this checking is abstracted into the background & developers don’t have to spend time doing human input checking anymore. It’s all automatic in MS & Apple software. Smartphones are also more powerful & have more memory than PCs 15-20 years ago so program size is no longer any issue. But for Google’s software, the GUI is less mature due to its reliance on Open Source Software, where developers are still not as concerned about writing software for end-users.

Secondly, the Koreans are very good at copying others’ success stories & making themselves successful. They are also very aggressive when their neck is at stake. Just look at Korean car makers. They are out-competing Japanese car-makers by making cheaper cars with more features which also happen to look nicer (or at least unique.) Granted, the designers of these cars are usually Germans but consumers gain by having cars with near Japanese quality with more features at a lower price!

This will be the likely scenario now that Samsung & other Android phones are found to infringe on the patents that make iOS unique. Google will have to make Android more unique & eventually, consumers win. Android makers like Samsung, LG, HTC, Motorola will have to improve their customizations, which only means better user experiences for those phones.

Nokia has shown that it’s possible to create a smartphone with a compelling user experience without copying iOS. Apple’s lawyer even showed a Nokia Lumia at one point as proof that there are good smartphone OS GUIs that don’t infringe on any Apple patents.

Let this be a wake-up call to Google to stop ripping off other people’s ideas. It’s ok to copy & improve on the design & value-add to the consumers. Make the new design your own instead of doing a poor job plagiarizing prior art.

OEMs can’t do it, so Microsoft DID IT!

This is a follow-up for my previous post on What I think a Windows 8 Tablet should be like.

Intro

Finally, our prayers have been answered. While Computex showed some interesting Windows 8 tablet concepts, most of them were just gimmicky (Asus Taichi), a rehash of a failure (Acer W510/W700) or plain uncomfortable (Lenovo Yoga).

Before Microsoft Surface

The Acer W700 looks like it may be the closest to my wishlist but then they added that huge useless stand. I’m sure they can squeeze a couple of Lithium cells in there.

The Acer W510 is interesting because the keyboard has an additional battery & based on the battery life it’s an Atom but is it dual-core? Acer isn’t saying.

Asus Taichi looks very impressive & I’m sure some people are going to love the dual-screen, but can you imagine the current draw on the battery? Even when the screen is off, there’s current leakage which can absolutely kill the battery!

Lenovo Yoga has a flip to the back 360° hinge, so in tablet mode, your hand is caressing the keyboard keys. Very nice if you’re an accordion player, not so nice for the rest of us.

The Future

What is Microsoft to do? Well, they did this!

The Microsoft Surface

Not to be confused with the Super-cool but super-expensive coffee table, the new Surface(s), one for Windows RT & one for Windows 8 Pro, are targeted at the iPad & Android tablet market & the TabletPC market respectively. (The coffee-table is now called PixelSense.)

Microsoft worked in secret on this tablet & the engineering effort shows in the precision in the whole thing. Unlike the iPad, the Surface is also easily repairable like all Microsoft hardware products. See the torx screws at the bottom?

The full magnesium-alloy chassis is also used in many hi-end tablets/Ultrabooks from Lenovo Thinkpad X series to Fujitsu T & S series because of strength & toughness, but this is an expensive material to use & machine. In the Surface, it’s basically magnesium & Gorilla Glass 2.0 protecting the thing. So this thing is NOT going to be cheap. BOM cost is going to be high. So I’m hoping this is like the 1st-gen Xbox & Microsoft sells at or below cost to secure market share. (Me dreaming…)

Why is Microsoft doing this now?

Some bloggers & tech journalists mentioned a threat to the Windows eco-system. What do they mean? Windows is installed in more than 1 billion PCs around the world. When you add up all the Macs + iPad, it’s only 300 million. (Phones not included). What threat?

Well, Microsoft’s Windows is 1 of the pillars of profit. Over the years, its profitability has reduced slightly. One of the reasons is that the iPad is good enough for many people’s needs + iPhones have 30+% of the worldwide smartphone market. Many of these people still need a PC to connect & manage these devices. A big portion has chosen Mac OS to be THAT device. Granted, many of them still buy Windows licenses to run in Parallel, but that’s because they NEED to, not because they WANT to.

As soon as their work doesn’t need Windows, they won’t even boot up or upgrade their Windows license. Microsoft knows this, hardware makers know this, Apple knows this & now, so does Google with their Chrome OS.

After the uninspiring show at Computex, Microsoft announced this ultra-secret press conference to salvage developers’ interest. Remember, without apps & hardware, the eco-system is dead. Just look at RIM, lotsa BB 10 demos but no devices yet. Developer interest is low.

Apple just finished their WWDC & Google is doing their thing next week. On Wednesday, Microsoft will share Windows Phone 8 Apollo with the rest of the world. Monday was the best time to drop the bomb.

Mostly good reception but doubters exist.

Some bloggers criticized Microsoft for always announcing things way before product availability unlike Apple. These bloggers must not have covered the tech industry for very long or they’re only covering Apple, who deal mostly with consumers.

Microsoft has to announce things early so that companies can set the direction & upgrade path for the next few quarters. CTOs cannot have disruption to their business because a vendor suddenly changes or discontinues product lines, something Google is famous for, or adds new features which are incompatible with company infrastructure, Apple’s forte.

Yes, BYOD is on the rise. But in many industries, accountability & compliance are still paramount. Microsoft is successful because they do not disrupt their product lines like Apple does. Surface is the most logical way of moving forward & setting the bar for OEMs to follow, just like how Intel set the Ultrabook reference design. Microsoft is also not withholding any special software features so OEMs can play on even ground when they get their acts together.

Another mitigating factor is, Surface is unlikely to be cheap (assuming Microsoft sells at a premium), so OEMs can differentiate themselves using price & features like the laptops & PC.

Research houses like Ovum pointed out a jarring & horrible user experience. Jarring maybe, horrible? Hardly. If you’re using Win RT, the chances of you dropping to Desktop are low & only for Office 15, which you’d use when you’re sitting down & working with the keyboard cum cover. I’d like to ask Ovum researchers, when you’re on the move, will you be formatting your text & checking grammar or generating numbers in Excel or Access, or will you be taking hand-written notes, audio notes & shooting the event with the camera?

For Surface Pro, a stylus is included so you can still use all your Enterprise software that uses ink. When used as a laptop, the keyboard/mouse is still used & Aero is still easy to navigate. When on the move, Metro takes center-stage. Jarring? Yes, but humans are adaptable.

Will Surface cannibalize OEM tablet sales? Just look at why Google came out with their Nexus series of phones. The OEMs can’t make it well. Look what happened to Samsung after helping Google? Their Galaxy line of smartphones benefitted greatly from getting frontline support from Google & Google’s vision.

In Microsoft’s case, Microsoft Hardware division designed the tablet in-house; according to Pinoys, the actual device is probably made in China by Pegatron. If we look at the hardware market for Mice & Keyboards, you still have a very healthy eco-system with Microsoft, Logitech & Razer on top, & tons of China/Taiwanese brands serving the mid-to-low end market.

Remember, we’re talking about Windows PCs here, which has more than 1 Billion physical devices. Right now, Microsoft has to grow this tablet market so that eventually these OEMs can rejoin at a later date with compelling products.

If cannibalization is the worry, I think the Surface (& subsequent OEM efforts) may wipe out the OEMs’ own Android tablets & overtake iPads. With a wide variety of Windows tablets to choose from, Microsoft’s vision is to beat the iPad the way they beat the Macintosh 20 years ago.