S0311 YiSpecter
YiSpecter iOS malware that affects both jailbroken and non-jailbroken iOS devices. It is also unique because it abuses private APIs in the iOS system to implement functionality. 1
Item | Value |
---|---|
ID | S0311 |
Associated Names | |
Type | MALWARE |
Version | 1.1 |
Created | 25 October 2017 |
Last Modified | 11 December 2018 |
Navigation Layer | View In ATT&CK® Navigator |
Techniques Used
Domain | ID | Name | Use |
---|---|---|---|
mobile | T1476 | Deliver Malicious App via Other Means | YiSpecter‘s malicious apps were signed with iOS enterprise certificates issued by Apple to allow the apps to be installed as enterprise apps on non-jailbroken iOS devices.1 |