![]() ![]() On iOS devices, the latest Safari accepts this server response and will automatically download the profile.įigure 1. The malicious site contains a JavaScript, and responds with a blob object (the malicious profile) when the user accesses it. YJSNPI can proliferate by accessing the website hosting the malicious profile, especially via Safari. Regardless if it was created as a prank or to gain notoriety, its attack chain is notable, as attackers can weaponize the iOS feature iXintpwn/YJSNPI misuses: unsigned iOS configuration profile. It was also known as “Beast Senpai” (senpai means teacher or mentor in Japanese) as a reference to the image used as a meme in Japanese online forums. The overflow of icons it places over the affected device’s screens appears as “YJSNPI”. It’s also the name of the website the malicious profile is hosted in. IXintpwn/YJSNPI first appeared in late November 2016 via Twitter-and subsequently over YouTube and social websites-posing as an iOS jailbreaker named “iXintpwn”. ![]() While iXintpwn/YJSNPI seems currently concentrated in Japan, it won't surprise anyone if it spreads beyond the country given how it proliferated in social media. It was part of the remnants of the work of a Japanese script kiddie who was arrested in early June this year. This is further exemplified by iXintpwn/YJSNPI (detected by Trend Micro as TROJ_YJSNPI.A), a malicious profile that can render the iOS device unresponsive. We saw a number of threats that successfully scaled the walls in 2016, from those that abused enterprise certificates to ones that exploited vulnerabilities to curtail Apple’s stringent control over its platforms. ![]() While iOS devices generally see relatively fewer threats because of the platform's walled garden approach in terms of how apps are installed, it’s not entirely unbreachable. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |