Skip to main content

New iOS malware in China hijacks apps and forces full-page ads in Safari

Malware on iOS is starting to become a weekly news event. This week’s intrusive software comes in the form of YiSpecter, a program capable of taking over iOS and displaying full-page ads on Safari.

The new malware, which is making the rounds in China and Taiwan, offers ways to circumvent the government’s Internet censorship. It persuades users to download a private version of QVOD, a defunct media player used for sharing pornography and other illegal content in China. QVOD was shut down in 2014 after police raided the developer’s offices, but it is still incredibly popular in China’s underground Web as a portal to illegal content.

Recommended Videos

Once the app is downloaded, YiSpecter tricks iOS SpringBoard — the software that manages the on-screen icons on iOS — to stop users from uninstalling the app. It then blends into the background, hiding under one of the many system apps on iOS.

YiSpecter is able to “replace existing apps with those it downloads, hijack other apps’ execution to display advertisements, change Safari’s default search engine, bookmarks and opened pages, and upload device information,” according to Palo Alto Networks. A Chinese mobile advertising service was allegedly responsible for the malicious app.

Luckily, Apple acknowledged the problem quickly and removed the app.

“We advise customers to stay current and only download content from the App Store and trusted sources … This particular vulnerability was indeed fixed in iOS 9.0,” an Apple spokesperson said to CNET.

News of the YiSpecter attack follows last week’s Chinese malware panic, which was caused by several high-profile developers who used a faulty version of Xcode to build apps. Those apps have since been purged from the App Store and replaced with apps built on a legitimate version of Xcode.

The YiSpecter attack is another case that proves China’s wild west approach to app curation is not working. Without checks in third-party apps stores, it’s easy for malicious programs to bypass iOS security.

David Curry
Former Contributor
David has been writing about technology for several years, following the latest trends and covering the largest events. He is…
5 rumored iOS 26 features we could see at WWDC 2025
An iPhone 16 laying on a shelf with its screen on.

Apple’s upcoming WWDC 2025 showcase is going to be a busy one, even though the expected AI-powered software rebirth may not land until next year. In the meantime, reliable sources have spilled the beans on what we might expect for the next major iOS overhaul. 

Starting with the name, Apple could skip iOS 19 and could go straight from v18 to v26. We are also expecting a design overhaul, something that could draw inspiration from Vision OS. On the functional side, an AI health coach would be a huge draw for fitness enthusiasts. 

Read more
Why you shouldn’t care what number Apple puts on your iPhone’s software
The Apple iPhone 16 Pro Max's screen.

One number may change to another number at an important industry event on June 9, and despite some of the headlines that have been circulating around the news, this succinct explanation of what may happen allows you to guage its real importance. Apparently, Apple may use the WWDC 2025 keynote presentation to announce a change from the expected iOS 19 software’s name to iOS 26, and here’s why you shouldn’t worry about it. 

Many people won’t even know

Read more
20 iPhones elevate Danny Boyle’s 28 Years Later scene
A camera rig with 20 iPhones being used to shoot part of 28 Years Later.

We already know that the iPhone is a versatile piece of kit with a powerful camera capable of capturing highly impressive video.

That quality, coupled with the phone’s small size compared to conventional movie cameras, has been inspiring a growing number of filmmakers to use Apple’s handset for at least some of the shots in their grand productions.

Read more