YiSpecter iPhone malware won’t spook you if you’ve kept iOS updated, says Apple

Graham Cluley

According to Apple, your iPhone and iPad should be safe from the YiSpecter malware if you are running iOS 8.4 or later (the latest released version of iOS is 9.02).

YiSpecter, which is believed to have been infecting iOS devices in China and Taiwan since at least November 2014, was brought to the wider public’s attention by researchers at Palo Alto Networks, who described how it installed unwanted apps, replaced legitimate apps with ones it had downloaded, and displayed money-making full-screen advertisements.


Notably, YiSpecter was found infecting iPhones and iPads regardless of whether they had been jailbroken, abusing both private APIs and certificates issued under Apple’s iOS Developer Enterprise Program.


However, in a statement given to Apple-watching blog The Loop, the technology firm said that the only users who were potentially at risk were those who had not updated their devices to iOS 8.4 or later:

“This issue only impacts users on older versions of iOS who have also downloaded malware from untrusted sources. We addressed this specific issue in iOS 8.4 and we have also blocked the identified apps that distribute this malware. We encourage customers to stay current with the latest version of iOS for the latest security updates. We also encourage them to only download from trusted sources like the App Store and pay attention to any warnings as they download apps.”

iOS 8.4 was released at the end of June 2015. Although at the time many commentators focused on iOS 8.4 introducing Apple Music for the first time, it also addressed a number of ways in which non-jailbroken iPhones and iPads could be attacked by malicious software.

At the time, all iOS users – whether inside businesses or at home – were advised to upgrade.

Of course, if you are still using an iPhone 4 (or earlier hardware) then you won’t have been able to upgrade to iOS 8 (let alone iOS 8.4) so you could still potentially be vulnerable. Even if you have an iPhone 4S, you may have held off upgrading to iOS 8 because of sluggish performance.

If you are a user of an older iOS device that isn’t running iOS 8.4 or later then you will need to decide for yourself what the best course of action is. The chances of being hit by the YiSpecter attack may be relatively low, especially if you’re not based in China and Taiwan, and you may decide that the cost of upgrading your hardware to a more modern device is prohibitive.

You make your choices and take your chances…

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.
