Malware hides as iOS jailbreak, Sucuri is insecuri, and China is about to get even worse
The team over at Cisco Talos has spotted a clever bit of trickery being used by an iOS click fraud operation. Researchers say a piece of malware called "Checkrain" has been making the rounds spoofing a popular iOS jailbreaking tool called "checkra1n".
"The site even claims to be working with popular jailbreaking researchers such as “CoolStar” and Google Project Zero’s Ian Beer," Talos explains.
"The page attempts to look legitimate, prompting users to seemingly download an application to jailbreak their phone. However, there is no application, this is an attempt to install a malicious profile onto the end-user device."

Fortunately, the operation doesn't do anything too destructive. The profile will pretend to perform the jailbreak, then run the phone through a number of affiliate links before finally installing a game. The attacker, meanwhile, would get an affiliate fee for the clickthroughs and game installs.