There is a common belief that iOS devices don't get malware, but the iOS threat landscape is actually quite similar to what we saw on Android in 2010. Read the blog: https://blog.lookout.com/blog/2015/03/05/the-state-of-ios-security/

1. i O S T H R E A T S
The State of iOS Security

2. The iOS App Store is not
the impenetrable walled
garden you think it is.


3. T O P M Y T H S A B O U T A P P L E S E C U R I T Y
1#
MYTH: The Apple App Store has never had malware in it
FACT: The App Store published at least one piece of malware and approved two others. The published
malware, a trojan called “Find and Call,” downloaded your phonebook and spammed contacts.
3#
MYTH:
FACT
devices. Non-jailbroken threats will be more targeted and sophisticated, but they’re not impossible to create.
2#
MYTH:
FACT
types of attacks as Android malware including data exfiltration and surveillance.

4. T O P M Y T H S A B O U T A P P L E S E C U R I T Y
1#
MYTH:
FACT
malware, a trojan called “Find and Call,” downloaded your phonebook and spammed contacts.
3#
MYTH:
FACT
devices. Non-jailbroken threats will be more targeted and sophisticated, but they’re not impossible to create.
2#
MYTH: Apple devices cannot be attacked like Android
FACT : Actually, once on the device, iOS malware can perform many of the same
types of attacks as Android malware including data exfiltration and surveillance.

5. T O P M Y T H S A B O U T A P P L E S E C U R I T Y
1#
MYTH:
FACT
malware, a trojan called “Find and Call,” downloaded your phonebook and spammed contacts.
3#
MYTH: Threats on iOS only affect jailbroken devices
FACT: Wirelurker, XAgent, Find and Call, and others are proof that malware can affect non-jailbroken
devices. Non-jailbroken threats will be more targeted and sophisticated, but they’re not impossible to create.
2#
MYTH:
FACT
types of attacks as Android malware including data exfiltration and surveillance.

6. Today, iOS malware
looks a lot like Android
malware in 2010.


7. Android malware got its foothold in 2010 when researchers found the
first trojan called “FakePlayer” in the wild. A year later, in 2011, we saw
the first Android malware in the Google Play store called DroidDream.
Thus far, iOS malware has followed a similar pattern with threats
appearing in the wild for jailbroken devices, moving to non-jailbroken
devices, and finally sneaking into the official App Store

8. Android malware got its foothold in 2010 when researchers found the first
trojan called “FakePlayer” in the wild. A year later, in 2011, we saw the first
Android malware in the Google Play store called DroidDream.
Thus far, iOS malware has followed a similar pattern with threats
appearing in the wild for jailbroken devices, moving to non-jailbroken
devices, and finally sneaking into the official App Store.

9. K E V I N M A H A F F E Y
Bad guys are rational economic actors. Because Android is
so much more popular in the world they're targeting the
largest platforms first. Criminals are soon going to double
down on iOS with targeted attacks.
Kevin Mahaffey, Lookout CTO, predicts that we'll soon see a new wave of
iOS attacks that will fundamentally change the iOS threat landscape.

10. 
HACKING TOOLS

VULNERA BIL ITIES

MALWAR E
!
Apps or services that a user
employs to jailbreak, or gain
root access to the phone, but
could be used for malicious
means.
!
Software holes in the iOS
platform that could be
exploited to own iOS devices.
!
Apps that take user data or
negatively impact the device
without the user’s knowledge
or permission.
i O S T H R E A T S T O D A T E
What are these threats that can seemingly execute just like Android malware
can? We classify iOS threats to date into three different categories:

11. i O S T H R E A T S T O D A T E
2009
Ikee
First piece of iOS malware.
2010
JailbreakMe
A tool that exploited a hole in the iOS PDF reader in order to jailbreak the phone.
2011
Instastock
One of the first pieces of “malware” to get into the Apple App Store. Created by researcher
Charlie Miller, this proof-of-concept malware looked “safe” during Apple’s review process,
but secretly downloaded malicious code after being approved.
2012
Find and Call
Find and Call was the first non-POC iOS trojan to get inside the App Store. It silently stole a
victim’s phonebook and spammed their friends. The creator claimed this was a software bug.
Apple removed it from the App Store.

12. i O S T H R E A T S T O D A T E
2013
Evasi0n
!
Mactans
!
Jekyll and Hyde
2014
Keyboard contents bug
!
Xsser mRAT
!
Masque Attack
A tool that exploited a hole in the iOS PDF reader in order to jailbreak the phone.
!
WireLurker
A tool that exploited a hole in the iOS PDF reader in order to jailbreak the phone.
2015
XAgent

The latest iOS malware. This is surveillanceware that may be part of a broader
cyber-espionage campaign.







13. STAY SAFE
!
Be cautious of clicking links to download applications,
don't jailbreak your phone unless you really know what
you're doing and, of course, have a security app in place!


14. For more mobile security information, follow