Chinese ELF #DDoser AKA '#LinuxBillGates' Cameo on iPad

A Reddit user posted a query about finding some suspect files on his Jailbroken iPad in the Jailbreak subreddit over the weekend. 

Mirror - http://www.freezepage.com/1423511994JWXKRPVBDF

Original - http://www.reddit.com/r/jailbreak/comments/2v473a/new_ios_virus/

This is the same piece of 'malware' i discovered that was present on Windows previously, originally found infecting Linux - This has now found it's way in some capacity onto iOS.

That makes this present not only Linux & Windows, but now iOS. Phil Schiller recently exclaimed '1 Billion iOS devices shipped!!' in their most recent earnings call.

According to Jay Freeman the curator of Cydia said there was 18m devices jailbroken. This was on iOS6 - almost 2 years ago.

Given the remarkable sales growth, the figure of jailbroken devices ≠ result in a similar rate of devices shipped but it's possibly higher considering the success in China Apple is having. It's not unfair to suggest its growing quicker given the two most recent Jailbreaks are both of Chinese origin.

This is a interesting piece of 'malware' for a number of reasons.

  • Devices are as insecure as they have ever been on iOS once jailbroken
  • The growth in the ELF variant continues to grow, and port to different platforms
  • The DDOS element of the BillGates combination of potential jailbroken devices makes me think of this talk from BotConf

I suggested to Ruchna who wrote the linked paper about the feasibility of Mobile DOS attacks in 2015 - maybe this is an indication.

 

Thanks to Benkow for his assistance in identifying BillGates.