Web Threat Spotlight
A Web threat is any threat that uses the Internet to facilitate cybercrime.


ISSUE NO. 70
AUGUST 16, 2010

Jailbreaking Tool for Apple Mobile Devices Exploits iOS Vulnerabilities
Apple products such as the iPod touch and iPhone are hot items in today's technology-savvy market, and that popularity makes them natural targets for malicious schemes. TrendLabsSM has noted another potential problem for Apple mobile device users: jailbreaking. The current jailbreaking tool is harmful in a specific way. It works by exploiting iOS vulnerabilities, and the same exploit can become a new infection vector for future Web threats.

The Threat Defined
Days after the U.S. Copyright Office granted a DMCA exemption that made jailbreaking Apple mobile devices legal, a developer known as
"Comex" released an unusually easy-to-use tool that works on the iPhone 4, iPhone 3G, and iPod touch 3G, among other devices.
The tool, dubbed JailbreakMe, is delivered entirely through a website that the user visits in Mobile Safari.
Jailbreaking modifies the OS of an Apple mobile device so that applications not approved by Apple can be installed.
It should be noted, however, that jailbreaking an Apple mobile device voids its warranty.
JailbreakMe Exploits Two iOS Vulnerabilities
JailbreakMe appeals to Apple mobile device owners who want to run applications they cannot otherwise install
onto their devices. Using the tool, however, comes with real risks. On closer inspection, TrendLabs engineers found
that JailbreakMe chains two vulnerabilities in order to run non-Apple code on the device.
The first vulnerability lies in how Mobile Safari renders .PDF files. A specially crafted .PDF file can trigger a flaw in
FreeType 2, the font engine that parses font data for PDF readers, Web browsers, and many other applications
(CVE-2010-1797). The flaw is in how FreeType 2 handles certain Compact Font Format (CFF) opcodes; a crafted font
that abuses them corrupts the stack.
A stack buffer overflow, one form of stack corruption, occurs when a program writes more data to a stack-allocated
buffer than was allocated for it, so the excess overwrites adjacent data on the stack, including saved registers and the
return address. An overflow triggered by accident usually just crashes the program or makes it misbehave. One
triggered with attacker-controlled input, however, can overwrite the return address with a chosen value and so lead to
arbitrary code execution on the affected system. That is exactly what the JailbreakMe .PDF does when Mobile Safari
renders it.
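The following C program is an added example, not code from the spotlight or from FreeType, and it models the bug class the paragraph describes rather than the exact FreeType flaw (whose trigger the spotlight does not give). It decodes real Type 2 charstring operand encodings into a fixed-size operand stack, the way a CFF interpreter does, and shows the single bounds check whose absence turns a crafted font into a stack overflow: a charstring that pushes 60 operands against a 48-entry stack is rejected here, where an unchecked push would write past the array. The function names (`cff_push`, `cff_parse_operands`, `run_demo`) and the two sample charstrings are constructed for this example; the 48-entry limit is assumed to match FreeType's CFF_MAX_OPERANDS.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed limit, matching FreeType's CFF_MAX_OPERANDS. */
#define CFF_MAX_OPERANDS 48

typedef struct {
    int32_t ops[CFF_MAX_OPERANDS];
    size_t  top;            /* number of operands currently pushed */
    int     last_operator;  /* last operator byte seen, -1 if none */
} cff_stack_t;

/* Push with the bounds check. Returns 0 on success, -1 when the stack is
 * full. Without the `top >=` test, ops[top] would be written past the end
 * of the array into whatever follows it in memory: stack corruption. */
static int cff_push(cff_stack_t *st, int32_t v)
{
    if (st->top >= CFF_MAX_OPERANDS)
        return -1;
    st->ops[st->top++] = v;
    return 0;
}

/* Decode one Type 2 charstring operand at buf[i] (CFF spec encodings):
 *   32..246  one byte,    value = b0 - 139
 *   247..250 two bytes,   value = (b0-247)*256 + b1 + 108
 *   251..254 two bytes,   value = -(b0-251)*256 - b1 - 108
 *   28       three bytes, value = int16 from b1 b2
 *   255      five bytes,  16.16 fixed (integer part kept here)
 * Returns bytes consumed, or 0 if truncated / not an operand. */
static size_t cff_decode_operand(const uint8_t *buf, size_t len, size_t i, int32_t *out)
{
    uint8_t b0 = buf[i];
    if (b0 >= 32 && b0 <= 246) { *out = (int32_t)b0 - 139; return 1; }
    if (b0 >= 247 && b0 <= 250) {
        if (i + 1 >= len) return 0;
        *out = ((int32_t)b0 - 247) * 256 + buf[i + 1] + 108;
        return 2;
    }
    if (b0 >= 251 && b0 <= 254) {
        if (i + 1 >= len) return 0;
        *out = -((int32_t)b0 - 251) * 256 - buf[i + 1] - 108;
        return 2;
    }
    if (b0 == 28) {
        if (i + 2 >= len) return 0;
        *out = (int16_t)((buf[i + 1] << 8) | buf[i + 2]);
        return 3;
    }
    if (b0 == 255) {
        if (i + 4 >= len) return 0;
        *out = (int16_t)((buf[i + 1] << 8) | buf[i + 2]);
        return 5;
    }
    return 0;
}

/* Walk a charstring up to its first operator, pushing each operand.
 * Returns the operand count, -1 on operand-stack overflow (the crafted
 * font case), -2 on a truncated or malformed operand. */
int cff_parse_operands(const uint8_t *buf, size_t len, cff_stack_t *st)
{
    size_t i = 0;
    memset(st, 0, sizeof *st);
    st->last_operator = -1;
    while (i < len) {
        uint8_t b0 = buf[i];
        if (b0 <= 31 && b0 != 28) {            /* operator byte: stop */
            st->last_operator = b0;
            return (int)st->top;
        }
        int32_t v;
        size_t n = cff_decode_operand(buf, len, i, &v);
        if (n == 0) return -2;
        if (cff_push(st, v) != 0) return -1;   /* the check that matters */
        i += n;
    }
    return (int)st->top;
}

/* Constructed sample charstrings, not taken from any real font.
 * benign: operands 0, 108, -108, 256 followed by 'hstem' (1). */
static const uint8_t benign_cs[] = { 0x8b, 0xf7, 0x00, 0xfb, 0x00, 0x1c, 0x01, 0x00, 0x01 };

/* 60 zero operands (0x8b) then 'hstem': exceeds a 48-entry stack. */
int run_demo(void)
{
    uint8_t hostile_cs[61];
    cff_stack_t st;
    memset(hostile_cs, 0x8b, 60);
    hostile_cs[60] = 0x01;

    int benign = cff_parse_operands(benign_cs, sizeof benign_cs, &st);
    printf("benign: %d operands, first operator %d\n", benign, st.last_operator);
    int hostile = cff_parse_operands(hostile_cs, sizeof hostile_cs, &st);
    printf("hostile: %d (-1 = rejected, would overflow the operand stack)\n", hostile);
    return benign == 4 && hostile == -1;
}

int main(void) { return run_demo() ? 0 : 1; }
```

The point to take from the example is where the defence lives: the operand encodings themselves are harmless, and the overflow exists only if the interpreter trusts the font to stay within the stack it was given.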
Figure 1. JailbreakMe app execution prompt
Meanwhile, the second vulnerability is an integer overflow in how an affected device handles IOSurface properties
(CVE-2010-2973).
An integer overflow occurs when an arithmetic result is larger than the integer type holding it can represent, so the
stored value silently wraps around to a much smaller number. When that wrapped value is then used as a buffer length
or allocation size, the program allocates too little memory and the subsequent writes overrun it, turning the arithmetic
bug into a buffer overflow. Apple's advisory states that this IOSurface flaw allows code already running with the device
user's privileges to gain system privileges, which is how the jailbreak moves from code execution inside Mobile Safari
to control of the whole device.
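The C program below is an added example, not code from the spotlight or from iOS, and it models the bug class only; the IOSurface handler itself is not public and nothing here reproduces it. A toy "set properties" handler takes a client-supplied record count and record size, and the example contrasts the unchecked 32-bit multiply, which wraps 0x40000001 * 4 to 4 bytes, with the checked version that rejects the request before any allocation or copy happens. The request layout, the function names (`alloc_size_checked`, `handle_set_properties`, `demo_hostile`) and the sample records are all constructed for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* A toy "set properties" request: the client says how many fixed-size
 * property records follow. Handlers of this shape, on a privilege
 * boundary, are where length-arithmetic overflows typically bite.
 * Illustrative model of the bug class, not the IOSurface code. */
typedef struct {
    uint32_t count;         /* attacker-controlled record count */
    uint32_t record_size;   /* attacker-controlled record size  */
    const uint8_t *records;
    size_t records_len;     /* bytes actually present in the request */
} prop_request_t;

/* Unpatched pattern: 32-bit multiply with no overflow test.
 * 0x40000001 * 4 = 0x100000004, which wraps to 4 in a uint32_t. */
uint32_t alloc_size_unchecked(uint32_t count, uint32_t record_size)
{
    return count * record_size;
}

/* Patched pattern: detect the wrap before trusting the product.
 * Returns 1 and sets *out when count*record_size fits in 32 bits,
 * otherwise 0. */
int alloc_size_checked(uint32_t count, uint32_t record_size, uint32_t *out)
{
    if (record_size != 0 && count > UINT32_MAX / record_size)
        return 0;                        /* would overflow */
    *out = count * record_size;
    return 1;
}

/* Sizes a buffer from the request and copies the records in. Had the
 * unchecked size been used, the allocation would be 4 bytes while a
 * loop over `count` records believes it has room for 0x40000001 of
 * them: a heap buffer overflow. Returns bytes copied, or -1 if the
 * request is rejected. */
long handle_set_properties(const prop_request_t *req)
{
    uint32_t need;
    if (!alloc_size_checked(req->count, req->record_size, &need))
        return -1;                       /* overflow: reject */
    if (need > req->records_len)
        return -1;                       /* claims more data than supplied */
    uint8_t *buf = malloc(need ? need : 1);
    if (!buf) return -1;
    memcpy(buf, req->records, need);     /* bounded by the validated size */
    free(buf);
    return (long)need;
}

/* Constructed request payload for the demo (not a real IOSurface message). */
static const uint8_t sample_records[16] = { 0 };

long demo_benign(void)
{
    prop_request_t r = { 4, 4, sample_records, sizeof sample_records };
    return handle_set_properties(&r);    /* 16 bytes copied */
}

long demo_hostile(void)
{
    /* count * record_size wraps to 4, which would pass a naive
     * "size <= records_len" test against the 16 supplied bytes. */
    prop_request_t r = { 0x40000001u, 4, sample_records, sizeof sample_records };
    return handle_set_properties(&r);    /* -1: rejected */
}

int main(void)
{
    printf("unchecked size for 0x40000001 x 4: %u\n", alloc_size_unchecked(0x40000001u, 4));
    printf("benign request: %ld, hostile request: %ld\n", demo_benign(), demo_hostile());
    return 0;
}
```

The check is deliberately written as a division rather than a wider multiply so it stays correct on 32-bit targets like the 2010 iPhone, where a 64-bit intermediate is not free and is easy to get wrong.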
Users who visit the JailbreakMe site in Mobile Safari actually receive a specially crafted .PDF file (detected as
TROJ_PIDIEF.HLA) that carries the jailbreak code. The file exploits the CFF font-handling vulnerability described above
to corrupt memory and gain code execution inside Mobile Safari.
Though this particular file carries no malicious payload, the same technique can easily be turned into cybercriminal
attacks against iOS devices. Trend Micro advanced threats researcher Joey Costoya believes that, because the PDF
exploit has been published on the jailbreaking site, virtually anyone can create a malicious .PDF file that uses it.




1 of 2 – WEB THREAT SPOTLIGHT
                                               Figure 2. JailbreakMe infection diagram


User Risks and Exposure
There is a high probability that the technique JailbreakMe uses will be reused to spread malware, especially because
the tool and its exploit are freely available on the Web. The growing popularity of Apple mobile devices may even turn
jailbreaking into a new infection vector for cybercriminals. Think twice before downloading any tool off the Internet:
the security risk it carries may outweigh the reward. In response to this threat, Apple has released security updates
that resolve both vulnerabilities (iOS 4.0.2 for iPhone and iPod touch and iOS 3.2.2 for iPad; see Apple support
articles HT4291 and HT4292 listed below). We strongly advise users to update their mobile devices immediately
through iTunes.
For even better protection, users may download Trend Micro Smart Surfing for iPhone, which blocks access to
malicious sites, including the site where JailbreakMe is hosted. Blocking that one site is not a substitute for the
update, however: any website, e-mail attachment, or file share can carry a .PDF built with the same exploit.

Trend Micro Solutions and Recommendations
The Trend Micro™ Smart Protection Network™ infrastructure delivers advanced protection from the cloud, blocking
threats in real time before they reach you. A global network of threat intelligence sensors correlates email, Web,
and file reputation technologies 24 x 7 to provide comprehensive protection against threats. As the sophistication of
threats, the volume of attacks, and the number of endpoints grow rapidly, lightweight, comprehensive, and
immediate threat intelligence in the cloud is critical to overall protection against data breaches, damage to business
reputation, and loss of productivity.
In this particular attack, Smart Protection Network's file reputation technology detects and deletes malicious files
such as TROJ_PIDIEF.HLA from affected systems. Web reputation technology blocks user access to the malicious
sites from which such files may be downloaded.

The following post at the TrendLabs Malware Blog discusses this threat:
http://blog.trendmicro.com/online-iphone-jailbreak-uses-ios-vulnerabilities/

The virus report is found here:
http://threatinfo.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_PIDIEF.HLA

Other related posts are found here:
http://www.pcworld.com/article/201906/govtapproved_iphone_jailbreaking_wont_help_users.html?tk=rel_newsd
http://www.pcworld.com/article/202335/jailbreaking_an_iphone_is_a_snap_thanks_to_new_website.html
http://www.kb.cert.org/vuls/id/275247
http://en.wikipedia.org/wiki/Stack_buffer_overflow
http://support.apple.com/kb/HT4292
http://support.apple.com/kb/HT4291
http://en.wikipedia.org/wiki/Integer_overflow




2 of 2 – WEB THREAT SPOTLIGHT
