Skip to main content

If your iPhone is jailbroken, it could be vulnerable to this virus

iPhone 5S hands on home angle
Image used with permission by copyright holder

Users on a jailbreak subreddit have discovered a new kind of malicious software on iOS phones. The malware, which comes as a library called unfold.dylib, was uncovered after a Reddit user complained of crashes in Google Hangout and Snapchat.

 The threat, which has been nicknamed “unflod baby panda,” is rumored to be of Chinese origin. There are several factors that support this theory. According to German mobile security firm SektionEins, the infection is digitally signed with an iPhone developer certificate under the name Wang Xin. Also, the malware, which steals the Apple ID and password of users, sends the information in plain text to 23.88.10.4, which appears to be a Chinese website from the error message it displays. However, these could all be fake. SektionEins even raised the possibility of certificate theft. So for now, no one knows where the malware came from and how it got into iOS devices. 

Recommended Videos

The malware only affects jailbroken iPhones. It hooks into all the running processes of affected devices and listens to outgoing SSL connections. The infection also comes as unfold.plist and framework.dylib. 

“Currently the jailbreak community believes that deleting the Unflod.dylib/framework.dylib binary and changing the Apple ID password afterwards is enough to recover from this attack. However, it is still unknown how the dynamic library ends up on the device in the first place and therefore it is also unknown if it comes with additional malware gifts,” SektionEins said. 

“We therefore believe that the only safe way of removal is a full restore, which means the removal and loss of the jailbreak.”

The signature date on the malware is February 14, so the threat may have gone undetected for about two months. If you need a step-by-step guide for removing the malicious file from your phone, Reddit user SaurikIT has provided detailed instructions here.

Christian Brazil Bautista
Christian Brazil Bautista is an experienced journalist who has been writing about technology and music for the past decade…
Google’s Gemini is getting a lot smarter for iPhone users
Using Gemini Deep Research on a smartphone.

Google's Gemini AI just got a major buff for iPhone users with the addition of its Deep Research feature. Google first added this feature to Android devices, but it's dropping in a phased rollout to the iPhone. If you don't yet see this function, give it some time; at the time of writing, it hasn't hit our phones here at Digital Trends yet.

The Deep Research feature "uses advanced reasoning and long context capabilities to act as a research assistant, exploring complex topics and compiling reports on your behalf." This enables Gemini to do comprehensive, in-depth research on nearly any topic, but be warned: the process is not fast.

Read more
Apple launches ambitious health study to advance wellness tech
Banner inviting users to join Apple Health Study.

Apple recently launched its first pair of wireless earbuds with an integrated heart rate sensor. Down the road, this convenience will reportedly arrive on the AirPods family, as well. The uber popular earbuds have already landed their hearing aid clearance, alongside a slew of new wellness-centric features.

The focus is clear. Health-tech is the next great avenue for innovation at Apple.

Read more
The iPhone upgrade cycle is speeding up. Is this the Apple Intelligence effect?
An iPhone showing an Apple Intelligence rendering of Steve Jobs in the Image Playground app.

Apple has expressed hope that Apple Intelligence will accelerate the iPhone upgrade cycle. A new report suggests that the AI software may be achieving this goal, at least by a little bit.

According to the latest Apple Report from CIRP, consumers are trading in their iPhones for newer models at a faster rate. This is encouraging news for Apple since customers have been keeping their phones for longer periods in recent years.

Read more