Unflod Baby Panda malware, Your iPhone may be a victim of this vulnerability

  • Unflod Baby Panda malware, Your iPhone may be a victim of this vulnerability

    According to recent news, Reddit members uncovered a new iOS malware called Unflod, which is supposed to be a deliberate misspelling of the word 'unfold' to hide itself.

    Though according to sources, as of today the malware is only found in jailbroken iOS devices. SophosLabs hasn't had any reports of "in the wild" infections yet.

    The malware is observed to hook itself into all the running processes of affected devices and listens to outgoing SSL connections. The infection also comes as unfold.plist and framework.dylib.

    A solution to this is to either delete the Unflod.dylib/framework.dylib binary and reset the Apple ID password OR fully restore the device and lose the jailbreak.

  • #2
    Despite my using a genuine iOS (not a jailbroken one) on my iPhone 4, the device has seemed to be misbehaving for a week or two. Could it be affected by the Unflod vulnerability as well?

    How do I check if my device hasn't been compromised? Any help would be greatly appreciated.



    • #3
      Well, if you aren't using a jailbroken iOS, I doubt you'd be able to SSH into the device. But if you do, then you'd have to look for a file named Unflod.dylib under /Library/MobileSubstrate/DynamicLibraries/. If you do find it, it means the device has been compromised.

      Deleting the file should clear the infection. Once you do that, make sure you change the password for your Apple ID. Though this is only a workaround, ideally you must restore the device with the latest iOS version as provided by Apple Inc.
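
The check described in post #3, as an added example that is not part of the original thread: a POSIX shell function that looks in /Library/MobileSubstrate/DynamicLibraries/ for the file names mentioned in the posts above, matching them case-insensitively. The function name, the root argument and the return codes are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the thread. Checks the MobileSubstrate directory
# named in post #3 for the file names the thread mentions.
#
# Usage (assumption): check_unflod /            on the device over SSH
#                     check_unflod /path/to/fs  on a copied filesystem tree
# Returns 0 if something suspicious was found (one line printed per file),
#         1 if the directory exists but nothing matched,
#         2 if the directory is missing (MobileSubstrate not installed).

SUBSTRATE_DIR="Library/MobileSubstrate/DynamicLibraries"

check_unflod() {
    root="${1:-/}"
    dir="${root%/}/$SUBSTRATE_DIR"
    [ -d "$dir" ] || return 2

    found=1
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        # Compare lower-cased names so Unflod.dylib / unflod.dylib both match.
        name=$(basename "$f" | tr '[:upper:]' '[:lower:]')
        case "$name" in
            unflod.dylib|framework.dylib|unfold.plist)
                printf 'SUSPICIOUS %s\n' "$f"
                found=0
                # A Substrate library is normally paired with a .plist of the
                # same base name; report it so both files get removed together.
                plist="${f%.*}.plist"
                if [ -f "$plist" ]; then
                    printf 'SUSPICIOUS %s (plist next to the library)\n' "$plist"
                fi
                ;;
        esac
    done
    return "$found"
}
```

A return code of 1 only means these particular file names were not present; the restore recommended in the thread remains the reliable cleanup.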