The malicious software, called YiSpecter, hijacks apps and the Safari browser to show full-page ads. It fools users into installing it by claiming to circumvent China’s Web

C|net
Date: October 5, 2015
By: Rahil Bhagat

A new species of malware that shows fullscreen ads is flourishing on Apple devices in China and Taiwan. The development follows reports last month that apps loaded with malware had to be purged from the company’s App Store.

The malicious software, dubbed YiSpecter, is reportedly able to “install and launch arbitrary iOS apps, replace existing apps with those it downloads, hijack other apps’ execution to display advertisements, change Safari’s default search engine, bookmarks and opened pages, and upload device information,” according to US-based cybersecurity firm Palo Alto Networks.

Victims of YiSpecter are reportedly tricked into being infected when they are persuaded to download what appears to be a “private version” or “version 5.0” of a popular but now defunct media player, QVOD.

In China, QVOD was popular for its ability to allow users to share pornographic content. Pornography is illegal in China but there exists a vast underground network of hidden sites and third-party apps to circumvent such laws. The offices of the app’s developer, Kuaibo, were raided by police in 2014.     [FULL  STORY]