Zimperium release a tool to help iOS devices infected with YiSpecter

News by Roi Perez

Zimperium, a privately-owned mobile security startup based in San Francisco, has released a tool to help iOS users that have been infected with the recently spotted YiSpecter advertising malware to remove the threat from their devices.

Branded as zYiRemoval, it is a simple command-line tool that requires installation on a separate computer. 

Once it is up and running, connect the affected iOS device via USB and execute the tool through the terminal.

The tool will search for malware known to contain the bug: HYQvod, DaPian, NoIcon, ADPage, NoIconUpdate, and many more. If any of these executables are found, the user is instructed to remove them.

Zimperium said it is most likely that Apple has already revoked the iOS enterprise certificates abused by the malware to get around Apple's Gatekeeper.

"Do not install profiles from unknown developers – be extra careful when typing your pin-code: iOS asks you to type your pincode before installing new profiles," Zimperium researchers warned.

Before installing the app, it might be a good idea to update your iOS to the latest version.

The YiSpecter malware was initially discovered by researchers at Palo Alto Networks following research by Cheetah Mobile and Qihoo360. Prior to Zimperium's creation of the automated tool, Palo Alto had shared instructions on how to manually remove the malware.
