Over 75000 jailbroken iOS devices fall prey to AdThief malware

A security researcher has revealed that over 75000 iOS devices have been infected by a malware known as AdThief or "Spad."

iOS device users are often quick to jailbreak their devices, ignoring the security risks that come with exposing the system, in order to get more functionality out of their device. However, once again, a security risk associated with such devices has been exposed by a security researcher. According to the researcher, Axelle Apvrille, the malware targets various advertising SDKs and modifies the developer or promotion ID to match that of the hacker. Using this technique, the malware allows the hacker to gather all the revenue generated from the infected devices through advertisements.

Fifteen advertising SDKs, or adkits, including Google Mobile Ads and Weibo, have been found to be affected by the AdThief malware. The researcher managed to track down the author of AdThief online through some of the debugging information in the malware's source code. The developer, currently known by his online aliases "rover12421" and "zerofile," is revealed to be an Android developer who admitted creating the malware, which he has now discontinued.

The developer has said that he created only the basic ID replacement functionality and someone else might have continued the development. He has further denied spreading the malware that has affected a large number of devices and grabbed revenue from 22 million ads.

Source: Virus Bulletin | Image via Virus Bulletin


Well, in that case only the developers are affected by a loss in ad revenues, while the average user just wouldn't care.

I wouldn't be surprised if 100% of the infected phones were pirating apps and mods. Downloading a cracked mod or app is just stupid - you have no idea what that modified program is doing.

Mr.XXIV said,
This is why I try to tell people about this "freedom" crap on their phones.

"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." =)

Scabrat said,

"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." =)

Says who?

Those who choose to embrace freedom should consider the risks of being free to make the wrong decisions. This is as true in life as it is in smartphones.

People who jailbreak or root their phones are free of the chains of the OS maker, but that also means they're free to make dumb choices like installing Malware.

bigmehdi said,
Explain to me why the average user should feel concerned by a loss of ad revenue for the developers.

They stop developing apps for the average user to use.

Geezy said,
Wow, that's like.... 0.001% of the iOS market!
It's like having your app downloaded 75k times... Multiplied by the average number of apps with ads. Then the revenue of all those combined. Just lowballing an estimate, 20 ad-driven apps would mean the ad revenue from 1.5 million downloads.

This could be much worse for the jailbroken device user. Redirecting ad revenue is a pretty clever but meek exploit considering what could be possible with root control. The malware disturbs content delivery rather than end users. Interesting tactic when you really think about it.

morpheus6969 said,
Oh well.. maybe google and the like will stop putting ads in apps ;)

Assuming, of course, that you're willing to pay $5-20 for an app instead of getting it for free? Right?

those that make malware should be beaten within an inch of their life, fixed up, and beaten again.

Edited by timster, Aug 19 2014, 9:00pm :

timster said,
those that make malware should be beaten within an inch of their life, fixed up, and beaten again.

They should be treated like terrorists, since they kind of are in a way

timster said,
those that make malware should be beaten within an inch of their life, fixed up, and beaten again.

I find it so stupid that they make malware anyways. They are generally brilliant people and instead of making a useful app or something, they rip people off and frustrate the user...

Praetor said,
because they make more money that way? remember that not all malware developers are from 1st world countries.

Right. Which means they have a great opportunity to fill in some tech software gaps =).

Praetor said,
but it's true: through organized crime one can make much more than a paid job.

I am not talking about a paid job. I am talking about them becoming a developer. Using their mind to create useful stuff instead of tricking Windows 7 users into downloading pdf converters and un-zippers and whatnot =).

You may be right, there might be more money in malware, but if they are that intelligent my hypothesis is that they can make just as much or more becoming a developer of something useful/cool =).

'The Article'
According to the researcher, Axelle Apvrille, the malware targets various advertising SDKs and modifies the developer or promotion ID to match that of the hacker. Using this technique, the malware allows the hacker to gather all the revenue generated from the infected devices through advertisements.

Sneaky.. and doesn't do anything obvious that would make you think your device has been compromised.

Max Norris said,

Sneaky.. and doesn't do anything obvious that would make you think your device has been compromised.

That's where things are moving nowadays... Prevent detection at all costs.