S0311 YiSpecter
YiSpecter iOS malware that affects both jailbroken and non-jailbroken iOS devices. It is also unique because it abuses private APIs in the iOS system to implement functionality. 1
| Item | Value |
|---|---|
| ID | S0311 |
| Associated Names | |
| Type | MALWARE |
| Version | 1.1 |
| Created | 25 October 2017 |
| Last Modified | 11 December 2018 |
| Navigation Layer | View In ATT&CK® Navigator |
Techniques Used
| Domain | ID | Name | Use |
|---|---|---|---|
| mobile | T1476 | Deliver Malicious App via Other Means | YiSpecter‘s malicious apps were signed with iOS enterprise certificates issued by Apple to allow the apps to be installed as enterprise apps on non-jailbroken iOS devices.1 |