"The current jailbreak community believes that deleting the Unfold. dylib library and modifying the Apple ID password can avoid the impact of this malicious application," said SektionEins. However, it is not clear how the dynamic library ends on the device, so it does not know whether the application has brought other malicious behaviors and by-products. We believe that the most secure solution at present is to reset the device. Of course, the device will also lose the jailbreak status ."
For iPhone, iPad, and other users, a considerable number of users prefer to obtain more permissions through jailbreak, currently, some jailbreak iOS devices have been infected with a virus that can steal user accounts and passwords.
According to German mobile phone security provider SektionEins, this virus often tries to keep the stolen Apple account and password in plaintext form to a Chinese IP Address "23.88.10.4" (however, Baidu and Google search both show that the IP address is from the United States) the digital signature of the infected file is sent by a Chinese iPhone developer named "Wang Xin. Therefore, this virus file is also named "unfold baby panda ". However, it is said that the evidence pointing to China may also be disguised. It is not clear how the malicious program comes from or how it enters the iOS device.
Possible iPhone jailbreak viruses
Currently, only jailbroken devices have the unfold baby panda virus, and listen for external SSL connections by hook library files such as unfold. dylib, unfold. plist, and framework. dylib. The earliest digital signature time for the virus was January 1, February 14. That is to say, the jailbreaking user after this time is most likely to have been infected with it. According to SektionEins, deleting these three library files completely (you can find and delete these files through the iFile file manager) and resetting the password of the apple account can basically prevent related attacks, but it may also be incomplete, it is the safest way to completely restore and give up jailbreak.
How to know if your device is infected-use the iFile File Manager to enter/Library/MobileSubstrate/DynamicLibraries/If Unflod exists. dylib or Unflod. plist. file, indicating that the file has been infected with the virus (it is not ruled out that the virus file may be hidden in other names ).
Search here