Non-jailbroken iPhones are usually close to immune from malware thanks to Apple vetting every app before it’s made available in the App Store. So far, malware has relied on abusing enterprise certificates designed to allow companies to distribute apps to their own phones. But security company Palo Alto Networks has discovered a new piece of malware that can infect iPhones by exploiting a vulnerability in Apple’s DRM mechanism.

AceDeceiver is the first iOS malware we’ve seen that abuses certain design flaws in Apple’s DRM protection mechanism — namely FairPlay — to install malicious apps on iOS devices regardless of whether they are jailbroken.

AceDeceiver currently uses a geotag so that it is only activated when a user is located in China, but a simple switch could allow it to infect iPhones elsewhere …

expand full story