(Reuters) - Cybersecurity researchers have uncovered a computer virus that spies on Apple Inc's iOS operating system for the iPhone and iPad, and they believe it is targeting pro-democracy protesters in Hong Kong.
The malicious software, known as Xsser, is capable of stealing text messages, photos, call logs, passwords and other data from Apple mobile devices, researchers with Lacoon Mobile Security said on Tuesday.
They uncovered the spyware while investigating similar malware for Google Inc's Android operating system last week that also targeted Hong Kong protesters. Anonymous attackers spread the Android spyware via WhatsApp, sending malicious links to download the program, according to Lacoon.
It is unclear how iOS devices get infected with Xsser, which is not disguised as an app.
Lacoon Chief Executive Michael Shaulov told Reuters that Xsser is the most sophisticated malware used to date in any known cyberattack on iOS users.
"This is one the most interesting developments we have seen," he said. "It's the first real indication that really sophisticated guys are shifting from infecting PCs or laptops to going after iOS devices."
The code used to control that server is written in Chinese. The high quality of the campaign and the fact it is being used to target protesters suggests that it is coming from a sophisticated attacker in China, Shaulov said.
"It is the first time in history that you actually see an operationalized iOS Trojan that is attributed to some kind of Chinese entity," he said.
A Trojan is a term used by cyber researchers to describe malware that enters a device disguised as something harmless.
Still, he said that his company's research team has yet to identify any specific victims of the iOS Trojan.
Lacoon said on its blog that it is possible the attackers might have deployed the Trojan in other places, in addition to spying on pro-democracy protesters in Hong Kong.
"It can cross borders easily, and is possibly being operated by a Chinese-speaking entity to spy on individuals, foreign companies, or even entire governments," they said in a blog post describing their analysis.
01 October 2014
Hello insanelyi members,
Popcorn Time, the so-called Netflix for pirates, is now on iOS. It’s never been easier to watch pirated movies and TV shows on the iPhone or Android device.
The Popcorn Time phenomenon is one of the biggest piracy stories of the year thus far.
The software amassed millions of users by offering BitTorrent-powered streaming in an easy-to-use Netflix-style interface.
Popcorn time is an application that let's you download and Stream movies for free without paying. Similar to MovieBox
The app is in Beta right now so the features that came with the Android version won't be available until the next update. The update will include a built in VPN, subtitles, AirPlay and Chromecast support.
They are also working on a solution for non-jailbroken devices as well, but that will take some more time to complete. Nonetheless, they are happy with the progress they’ve made thus far.
After days, Facebook will force users to use their app, Messenger. The social networking company started to force European users and showed that many liked it and decided to make the change to other countries. Over time, you might see a message like the one in the picture. Mobile web, iPad, Windows Phone, Paper, and feature phone users are safe from being forced.
According to TechCrunch, this is Facebook's official statement:
“In the next few days, we’re continuing to notify more people that if they want to send and receive Facebook messages, they’ll need to download the Messenger app. As we’ve said, our goal is to focus development efforts on making Messenger the best mobile messaging experience possible and avoid the confusion of having separate Facebook mobile messaging experiences. Messenger is used by more than 200 million people every month, and we’ll keep working to make it an even more engaging way to connect with people.”
While people in Europe are happy, other users might have a mixed reaction.
This is RazorThunder, reporting to you, on The ShoutFeed.
I saw you yesterday afternoon injured in the grass. I called for you and you turned to look right at me. It took you a minute until you realized I knew something was wrong. It was at that point you started making your way towards me. Once you were close enough, you smelled my hand and gave it a lick as you were starting to lay back down. I knew at that moment I couldn't leave you behind with the way you looked.
Thanks to the lady parked in her truck she had a spare chain for me to use as a temporary leash so I could help you into my car. Once I laid down in my back seat, I got in back in my car and immediately gave you the other half of my sub which you seemed to really enjoy.
Once we got home, you were introduced to my wife, son, and our little baby girl dog. She's only a year and few months old. You really seemed to not mind my wife and son but it was our little girl that bothered you. I wish the 2 of you were able to get along but unfortunately after the few attempts of dog communication, it was only getting worse. I tried to give it you another day. I believed that you were still in shock from what may have happened to you which is causing you to be aggressive.
Start of the 2nd day, I went out and bought you the dog works. Food, Bowls, Collar, and leash. As the 2nd day progressed, a few growls were exchanged. It was until later that evening when you took it too far by picking up our little girl by the neck and shaking her violently. This type of behaviour from you was heart breaking. I wanted to keep you and train you to be a friendlier dog but I simply can not do that, especially if I am not going to be home for 10 hours of the day.
I do know this though, besides your behaviour towards our little girl, the rest of your behaviour is very friendly. You are a gorgeous dog and stuck by my side no matter where I was. You were always next me wherever I was sitting. You wrestled around a little and were only being playful.
I hope when I bring you to the vet tomorrow that your owner is able to come and get you or that a better family is found for you. I'll always remember you.
The death of WIndows XP. Sources all around the world cite: "Roughly, over 500,000,000 devices; Yes, that's right: 500 (Five Hundred) Million Devices; Still Run Windows XP.
This includes: ATM Machines, Large Amounts of Government Used Devices, Satellites including GPS Systems, Train & Rail Systems, Flight Navigation Systems, Musical Production Studios, Factories that are used to Manufacture the "Over 500,000,000 devices still run Windows XP), Medical & Health Care Systems, Banks, Internet Service Providers, Schools.
The list goes on, for over five hundred million device examples.
What does this mean for the Crypto-Currency community? Instant death. Math time:
500,000,000 = Devices that Run Windows XP
6,00,000,000 = Current Highest Difficulty
13,000,000 = Remaining Bitcoins
5,200,000 = Remaining Blocks
25 = Number of BitCoins in a Block
2,700,000,000,000,000 = Number of Hashes it takes to Mine 1 (One) Block, which again a Block is worth 25 (Twenty-Five) BitCoins
5,400,000 = Number of Hashes left after ALL WIndows XP Devices hash one time
That literally means in SECONDS, we can mine ALL possible BItCoins and all other CryptoCurrencies.
It's very possible this could happen, only time will tell.
With "pre-show" festivities of the annual Consumer Electronics Show's 2014 edition in the books, AppleInsider takes a look at some of Monday's less-popular â€” but still interesting â€” stories from the show floor.
LG resurrected fallen iOS competitor WebOS in the South Korean giant's new range of "Smart TV" connected televisions. The platform â€” which LG says will power 70 percent of its connected sets in 2014 â€” sports a slick user interface and has been bestowed with several useful touches, like the ability to recognize when a user connects an external device and present contextually-relevant menu options.
The new sets come bundled with apps for popular services including YouTube, Facebook, Skype, and Twitter, and users will be able to download new apps and content from the LG Store. LG has not yet released pricing or availability information.
Meanwhile, streaming content company Roku announced partnerships with Chinese manufacturers TCL and Hisense for their own connected television platform, Roku TV. Under the agreements, the same software that powers Roku's popular streaming boxes will be adapted and pre-loaded on sets from the two TV makers.
Roku says the content available on Roku TV will be identical to the options present on the company's streamers, and the sets will come with a new 20-button remote control, which the company touts as being half the number of remote controlled buttons as traditional televisions. Pricing is not yet available, but Roku TV units are scheduled to hit retail outlets in the fall.
Not content to stop at televisions, LG also unveiled two new wearable fitness devices on Monday. The Lifeband Touch is a wrist-worn activity tracker similar to a Nike Fuelband, while LG's Heart Rate Earphones are Bluetooth-enabled in-ear headphones that measure biometric data like heart rate and maximum oxygen consumption from the external portion of the ear.
Lifeband Touch sports an OLED display that, in addition to the time and standard biometric data, can be configured to relay notifications from a connected smartphone. The Heart Rate Earphones can also be configured to send data to the Lifeband Touch for display. Both devices are slated for release in the first half of 2014 with pricing yet to be determined.
The wearable parade continued with the Polar V800, a combination fitness tracker and GPS wristwatch. Polar's entry provides more granular detail than most other activity trackers, collating data from individual training sessions to forecast recovery time and help users get adequate rest between sessions.
Polar's V800 also brings other unique features like integrated GPS, a built-in barometric pressure sensor for more sensitive altitude tracking, and the ability to monitor heart rate while swimming under water. The tracker comes in black and blue and will be available for purchase in April for $449.95, or $499.95 with heart rate monitor.
French technology company Parrot announced two new iOS-controlled robotic devices, a small jumping robot dubbed the Jumping Sumo and a miniature flying drone the firm is calling the MiniDrone. Both products were first outed by The Verge.
The Jumping Sumo is a two-wheeled, floor-bound bot that the publication says can make near-instant 180-degree turns and spring-assisted jumps up to three feet, while the MiniDrone is a palm-sized quadrocopter. Both devices are controlled with iOS apps and feature built-in cameras.
Parrot's MiniDrone connects with Bluetooth 4.0, while the Jumping Sumo takes advantage of 802.11ac Wi-Fi. Parrot has not yet released availability and pricing information.
At the same time, Orbotix unveiled a second-generation remote-controlled device of its own, showing off the new, tubular Sphero 2B. The Sphero 2B is a ruggedized version of the iOS-controlled toy sold in Apple Stores around the world, featuring knobby, replaceable tires and new multiplayer games.
Sphero's latest entry is also fully programmable, and the company urges users to "embrace your inner hacker." Sphero 2B will go on sale this fall for "$99 or less."
AT&T Mobility chief Ralph de la Vega announced that the carrier plans to support HD Voice on its network sometime this year, according to a report from The Verge. HD Voice uses wideband technology â€” including new audio codecs and an expanded audio range â€” to vastly improve the audio quality of mobile phone calls and reduce background noise.
With AT&T's launch, Verizon Wireless will be the only one of the big four wireless carriers not to implement HD Voice.
Elsewhere on Monday, newly-minted AT&T arch-rival T-Mobile announced a $3.3 billion deal to purchase a chunk of 700 Mhz wireless spectrum from Verizon Wireless. T-Mobile says the swap will help the carrier boost in-building signal strength and extend rural coverage, as well as coverage "at the edge of cities and in less densely populated areas."
As part of the deal, the two companies will "realign" an additional $950 million worth of spectrum in California and Georgia.
This is an exciting time for jailbreakers around the world. While you are busy updating and jailbreaking your iDevices, the insanelyi team is hard at work! Though our current app 'insanelyi App - iOS6' works on iOS7 you'll be seeing a new app being pushed to the insanelyi repo which will have new iOS 7 Specific graphics and features. Keep an eye on our app development thread here.
What features would you like to see added to the new insanelyi app ?
Apple has patched an obscure vulnerability in its iOS operating system that could have allowed a malicious hacker to install malware on an iPad or iPhone via a bogus USB charger.
Discovered by researchers at the Georgia Institute of Technology, the vulnerability can be exploited only by a custom-built USB charger outfitted with a tiny Linux computer. But it can be exploited quickly â€” in under 60 seconds.
â€œDespite the plethora of defense mechanisms in iOS, we successfully injected arbitrary software into current-generation Apple devices running the latest operating system (OS) software,â€ the researchers explain in their Black Hat security conference presentation summary. â€œAll users are affected, as our approach requires neither a jailbroken device nor user interaction. â€¦ attackers can hide their software in the same way Apple hides its own built-in applications.â€
Potentially nasty stuff. But Apple has already developed a fix that will bolster iOSâ€™s defenses against it. It has programmed the operating system to ask users if they trust the computer to which theyâ€™re connecting their device. A simple and effective fix for a nascent exploit that could have evolved into a real threat, given enough time.
Saurik has announced that due to a mistake in the system used to request APTickets from Apple, all the tickets saved via Cydia are 'useless'.
Those of you who recently launched Cydia may have received a notice to "See TSS Center (below) to request iOS SHSH", and may be surprised to read the message, "No SHSH seems to be stored for this device".
At this point, I think I have described everything I need in order to explain the current situation: all of the APTickets Cydia itself requested from Apple for iOS 6 are useless. The word "useless" is important, as it is not accurate to use the word "corrupt": the data that was uploaded was not lost or damaged, and in fact all of the tickets that were stored verified per the algorithm from MuscleNerd.
Instead, the requests being made via Cydia to collect SHSH information for iOS 6 did not result in useful tickets. This is because, in order to better emulate the requests Apple had been making when I first started the service, I filter the manifests I send to Apple to only include information about files that had the partial digests I discussed earlier, as only files that have partial digests are relevant for SHSH.
However, the APTicket signs complete digests, not partial digests, and so even descriptions of files that do not have partial digests need to be sent to TSS to get a complete ticket. What really should therefore be used as a filter is "files with digest information at all", not just those that have partial digests (there is never a partial digest without a full digest), effectively finding all "real" files.
The result is that the APTickets that were downloaded and saved by Cydia itself are not sufficient to boot a device. However, tickets that were downloaded or otherwise obtained by tools such as redsn0w, iFaith, or TinyUmbrella, will work fine. If those tickets are uploaded to Cydia and then downloaded back, they also will continue to work: it is only tickets downloaded by Cydia clients themselves that were affected.
in Capp's Blog,
05 April 2013
Pod2g confirms evad3rs are not working on 6.1.3 jailbreak
Itâ€™s been nearly two weeks now since Apple released iOS 6.1.3 that effectively killed the evasi0n jailbreak. It had a good run though, lasting for nearly 6 weeks, through 2 iOS software updates, and jailbroke close to 20 million devices.
And it looks like thatâ€™s it for jailbreaks for a while. We had an inkling there wouldnâ€™t be a 6.1.3 jailbreak releasedâ€”it doesnâ€™t make sense to burn exploits before iOS 7â€” and the evad3rsâ€˜ pod2g just confirmed our suspicion on Twitterâ€¦
Hereâ€™s the tweet :
Again, this doesnâ€™t really come as much of a surprise. Apple is expected to unveil the next version of iOS, presumably iOS 7, at its WWDC event, and that typically happens around mid-June. So thatâ€™s what, just over two months away?
This makes it virtually pointless for the evad3rs to update the evasi0n jailbreak tool with new exploits, as Apple would certainly patch them in iOS 7. And then youâ€™ve burned usable exploits, which seem to be getting harder to find.
It is worth noting, however, that p0sixninja recently announced that he has discovered enough exploits to produce a new jailbreak. And although itâ€™s very unlikely, itâ€™s possible he could release it before Apple unveils the next version of iOS.
But my money is on us not seeing a new jailbreak until late-summer, or even the fall. So [obviously] youâ€™ll want to stay away from iOS 6.1.3, and any future iOS 6.x updates.
So have you lost the hope that you will not see an untethered jailbreak for the upcoming iOS 6 versions ? Don't worry, today we've got some great news from the popular hacker P0sixninja who has just said on his official twitter account that he has discovered some vulnerabilities that were not patched by the companyâ€™s security team in the latest iOS update, as he tweeted out earlier tonight: â€œWell, so far it looks like the next jailbreak might be created entirely by me.
Check out the tweet:
But donâ€™t worry, p0sixninja says that the evad3rs havenâ€™t gone anywhere. Heâ€™s just discovered the exploits on his own.
RBC Capital Markets analyst Amit Daryanani has released a new research report today citing supply chain checks as the basis for predicting a June or July launch for both the iPhone 5S and a lower-cost iPhone, in line with other recent reports. Daryanani says, however, that the lower-cost iPhone appears set to omit a Retina display.
Our supply-chain checks indicate that AAPL is working to launch multiple new phones in the June/July time-frame this year. Specifically, AAPL will launch the iPhone5s and a more affordable but lower-end iPhone at the same time, in either late CYQ2 or early Q3. The low-end iPhone will have the same 4" form factor as the iPhone5 but will have plastic casing and no retina display. With a lower price-point, AAPL will be able to target a growing and important part of the Smartphone market (sub-$400 price-band).
Daryanani's claim of no Retina display for the lower-cost iPhone conflicts with reports from reliable KGI Securities analyst Ming-Chi Kuo, who has claimed several times that the cheaper iPhone's 4-inch display will carry the same 326 pixels per inch seen on all Retina iPhone displays released to date.
Daryanani's claims also raises suspicion because Retina displays are a long-established feature of Apple's iPhone lineup, with all the iPhone models currently offered by Apple supporting the feature. This includes the iPhone 4, which is offered for free with a two-year contract in the United States, although this new low-cost iPhone is said to be seeking to bring prices even lower to attract customers in markets where carrier subsidies are uncommon.
Just yesterday, Apple announced to developers that all apps submitted to the App Store must support both Retina resolution and the larger 4-inch screen of the iPhone 5 and fifth-generation iPod touch as of May 1. Apps can, of course, also support devices such as the iPhone 3GS using non-Retina displays.
The clock, designed by Hans Hilfiker, has become an icon of both the Swiss railway and of Switzerland itself. The trademark and copyright for the clock is owned by the Swiss Federal Railways service.
According to the article: SBB is the sole owner of the trademark and copyright of the railway clock. The railway company will now get in touch with Apple. The aim is a legal, as well as a financial solution. It is not right that one [Apple] simply copies the design. The paper notes that Apple Switzerland declined to comment and directed reporters to Apple's corporate headquarters in the United States.
Update: In the interest of fairness, we have changed our links from Tanges-Anzeiger to the Swiss daily Blick, which first reported the story. The translated quote remains one provided by a MacRumors reader from a paragraph in the Tanges-Anzeiger story.
People close to some of the Canadian carriers that are planning to sell the new device said Friday that Apple will not allow those firms to sell it in their stores without also activating the device. In effect, that means users will have a harder time reselling the phones or shipping them to other countries where the iPhone may not have launched yet, or may not normally be available. As such, the move gives Apple more control over how and where its devices are sold. According to a source, Apple had not required immediate activation as a prerequisite for sales for any of the previous iPhone models.
Essentially, when you walk into any carrier or dealer to buy the iPhone 5, you wonâ€™t be able to leave with your phone until it is activated. An â€˜activationâ€™ in Appleâ€™s definition means getting to the Home screen. Anytime an iPhone is activated on either Rogers, Telus or Bell, Apple is automatically paid a fee by the carriers, with the latter also receiving part of usage fees from monthly plans. According to the Globe and Mail, sources close to the â€˜Big 3â€² carriers confirmed off the record this new rule would apply for the iPhone 5. It appears these new changes target scalpers and resellers; Apple is tightening its leash on iPhone sales. Update: Our reliable source mentions you can leave Apple Stores with a sealed carrier locked and activated iPhone 5. Also, fully unsubsidized and carrier locked iPhone 5 units will be available for purchase.
This is my blog and my first blog post.
I don't understand why this blog is required to be made. Doesn't this waste space on the server? Anyways I guess I'll post interesting stuff here that isn't about the news.
I'll post news on the icommunity blog.
The iOS slide to unlock feature is fun to use, but it's very limited and boring. It takes you to the same place you left off all the time. With a new jailbreak tweak dubbed LockSliderz by iOS developer Zmaster - the same developer that brought us AndroidLockXT, we can change the way our unlock sliders behave, look, and work.
Looking at the screenshot above, you can tell right off the bat that a few things look different about the lock screen. The most obvious is the Spotify slider, but the main slider also has a different looking icon on it - an unlocked lock instead of an arrow. The other difference you notice is that there is no 'slide to unlock' text. The design is very minimalist, however the functionality can be appreciated by anyone looking for good lock screen shortcut methods. LockSliderz comes with its own section for the Settings application which is shown below:
Shown at the top is my favorite part of any jailbreak tweak; the ability to enable it and disable it at your leisure - great for troubleshooting. Under that you see settings for both the first and second slider. These are not to be confused with the knobs. As it turns out, LockSliderz gives you up to four knobs on your lock screen which is equivalent to two sliders. This gives you the ability to put up to three applications shortcuts on your lock screen. When you enable all of the sliders on your lock screen and make them all size small from the settings, this is what results:
As shown, you can set any applications that you want to for each knob. When you go to slide a knob with an application on it, the device will unlock and launch the application that was defined by the knob you slid. You do not have to have four knobs, or even two sliders if you do not want to. You can have two sliders and three knobs, or you can have one slider and two knobs, or finally one slider and one knob. As you would expect, the knob on the left needs to be slid to the right and the knob on the right needs to be slid to the left.
The last setting in the settings for LockSliderz lets you choose to have an unlock knob that matches the shape of the application knob - making it square too like the image below instead of the appearance in the first image in this review:
The settings for LockSliderz are intense and exciting. It's worth the price tag of $1.49 because it can be extremely useful and because the graphical appearance looks insanely good. It's a great way to bring some life to that lock screen that we all feel could do more, but doesn't. If you have a pass code set and you are worried that people will be able to get into your iDevice with this tweak, then don't fret. The iDevice will require pass code input no matter which knob is slid and when you input your pass code, the application knob that you slid will launch the corresponding application.
I really like LockSliderz and I honestly don't think I know anyone that couldn't benefit from its features. I can recommend it for any iDevice power-users that are constantly opening applications consistently to check for updates such as Twitter, Facebook, etc. It doesn't cause any kind of graphical lag on the lock screen and it feels as fluid as Apple would have wanted it to be. It requires iOS 5 to be used and works on the iPhone, iPod touch, and iPad. It's fully compatible with AndroidLockXT and LockInfo too!
The iPhone is safter than Android, and RIMM's BlackBerry. But for how long?
(CORRECTION: The original post mistakenly reported that jailbreaking an iPhone and downloading apps through jailbroken iPhones was illegal. It is not illegal. A corrected copy is posted below with new information and quotes from Kaspersky Lab.)
In the battle between smart phone rivals iPhone and Android, the iPhoneâ€™s closed operating system makes it less open to viruses, and therefore a lot safer than the Google Android, says Sergey Golovanov, a malware researcher at Kaspersky Lab in Moscow.
Techies like Golovanov might know that Android is a malware accident waiting to happen, but most people walking around with it do not.
Especially when it comes to security breaches done through fake quick response codes, or QR codes (crossword puzzle looking bar code scan-able by some smart phones), the iPhone is a lot safer, he says.
â€œQR malware codes are mainly spreading through Android. We havenâ€™t found any QR malware for the iPhone yet,â€ Golovanov says. â€œEveryone is looking for the Android users. We donâ€™t know why. But one of the reasons is probably because iPhone has a closed operating system and Android has an open operating system so it is easier to create software for them,â€ he says.
QR codes have become part of the marketing strategies created by everyone from newspapers to clothing retailers trying everything they can to satisfy their wired customers. But the black matrix bar code symbols have become a harbor for malicious code writers who devise ways to steal personal data. Thereâ€™s no way to know once a device is infected. People scan a QR code with their smartphone and it redirects them to a web address. Some of those addresses are malicious, usually ending with the .APK or .JAR file extension. Kaspersky Lab says QR code malware is gaining in popularity, and Android is in the cross hairs.
The company discovered the first instance of QR malware code on an Android phone in Russia in September.
Itâ€™s not that the iPhone is immune from malware.
Apple has been fighting so-called jailbreak hackers â€” hackers who have been able to gain access to the Apple operating system (OS) in order to install programs on the iPhone that are usually not available through the Apple store. Itâ€™s fight to make jailbreaking the iPhone illegal failed last year, when a court ruled that jailbreaking legal. A jailbroken iPhone makes the owner a permanent administrator. Anyone with an iPhone can visit Appleâ€™s Safari web browser and find a webpage that will jailbreak their phones for them in a snap.
Hackers arenâ€™t malware code writers, per se. Most are tech lovers looking to bypass Apple restrictions on what they can install on their phone. The problem with the jailbroken iPhones is that it just makes them more open to cyber crime than a factory iPhone.
â€œJailbreaking absolutely makes the iPhone an easier target for malware,â€ says Tim Armstrong, a malware researcher at Kaspersky Lab in Massachusetts. â€œYou can install an app from any website you want and never will know if you are downloading a program that contains malware.â€
Last year, jailbroken iPhones were infected with an iPhone OS worm known as Ikee. People who used online banking at ING Bank in Europe were redirected to a site posing as the bank, collecting all of the userâ€™s account details. â€œWe only saw those problems on jailbroken iPhones,â€ Armstrong says.
Android has been the favorite of malicious code writers since August 2010, when the first Trojan program targeting the OS was detected.
Juniper Networks says Android malware traffic rose by 400% between June 2010 and January 2011. Lookout Mobile Security reported a 250% jump in smartphone malware from January to June 2011.