How it affects your business: If employees download apps infected with XcodeGhost to personal or corporate-owned mobile devices, your business data could be at serious risk. The Ghost malware can allow remote command and control (CnC), open web pages on the device, fake password prompts, and steal credentials.
KeyRaider Has Stolen Data from More than 225,000 Apple Accounts
How it works: KeyRaider targets jailbroken devices because jailbreaking eliminates many of the built-in security features of the operating system. It can steal usernames, passwords, certificates, and even private keys.
How it affects your business: Enterprises should be especially vigilant about blocking access to corporate information on jailbroken mobile devices. Malware like KeyRaider can take control of an iPhone or iPad and quickly access corporate email, documents, and other data.
YiSpecter Secretly Harvests User Data on the Device
How it works: YiSpecter infects both jailbroken and non-jailbroken devices using private APIs, which are unpublished or unsupported Apple iOS APIs. Although apps using these APIs are usually blocked during Apple's app vetting processes, YiSpecter can be spread in three other ways: through ISPs, through a worm on Windows that infects the device when pairing, and through offline app installation.
How it affects your business: Once the iOS device is infected, YiSpecter can modify, install, and launch iOS apps without the user's permission. It can also replace existing apps with those it downloads, display full-screen ads when the user launches a normal app, change Safari's default search engine, bookmark and open web pages, and upload device information to the CnC server. The malware can also automatically reappear after it's been deleted.
Both custom-developed and third-party apps are at the heart of mobility transforming businesses. But they need to be properly secured as attackers start to capitalise on enterprises' inability to prevent and detect mobile malware. In a world of mixed-use devices, it's imperative to separate corporate data and apps from the personal.
A modern enterprise security strategy means taking advantage of containerisation, encryption, and app-level data loss prevention (DLP) controls. Ultimately, you only want to allow trusted users on trusted devices with trusted apps over trusted sessions to access enterprise data.