If your iPhone is jailbroken, it could be vulnerable to this virus

iPhone 5S hands on home angle

Users on a jailbreak subreddit have discovered a new kind of malicious software on iOS phones. The malware, which comes as a library called unfold.dylib, was uncovered after a Reddit user complained of crashes in Google Hangout and Snapchat.

 The threat, which has been nicknamed “unflod baby panda,” is rumored to be of Chinese origin. There are several factors that support this theory. According to German mobile security firm SektionEins, the infection is digitally signed with an iPhone developer certificate under the name Wang Xin. Also, the malware, which steals the Apple ID and password of users, sends the information in plain text to 23.88.10.4, which appears to be a Chinese website from the error message it displays. However, these could all be fake. SektionEins even raised the possibility of certificate theft. So for now, no one knows where the malware came from and how it got into iOS devices. 

The malware only affects jailbroken iPhones. It hooks into all the running processes of affected devices and listens to outgoing SSL connections. The infection also comes as unfold.plist and framework.dylib. 

“Currently the jailbreak community believes that deleting the Unflod.dylib/framework.dylib binary and changing the Apple ID password afterwards is enough to recover from this attack. However, it is still unknown how the dynamic library ends up on the device in the first place and therefore it is also unknown if it comes with additional malware gifts,” SektionEins said. 

“We therefore believe that the only safe way of removal is a full restore, which means the removal and loss of the jailbreak.”

The signature date on the malware is February 14, so the threat may have gone undetected for about two months. If you need a step-by-step guide for removing the malicious file from your phone, Reddit user SaurikIT has provided detailed instructions here.

Gaming

‘Fortnite’ security flaw let hackers spy on players through microphones

A security vulnerability found in Fortnite allowed hackers to gain access to other players' accounts, potentially letting them spy on conversations using the in-game microphone. It has been addressed.
Mobile

How to jailbreak your iPhone on iOS 12: A beginner’s guide

The latest jailbreaking tools for iOS 12 make freeing your iOS device easier than ever. This guide will teach you how to jailbreak your iPhone or iPad, and explain what jailbreaking will do for you.
Mobile

Android vs. iOS: Which smartphone platform is the best?

If you’re trying to choose a new phone and you’re not sure about the merits and pitfalls of the leading smartphone operating systems, then come on in for a detailed breakdown as we pit Android vs. iOS in various categories.
Mobile

Having trouble logging in? Here's how to reset your Apple ID password

To use any of Apple's services, you need to have an Apple ID and know your password. Thankfully, there are ways to deal with forgotten passwords and regain access to your account. Here's how to reset your Apple ID password.
Mobile

Verizon’s deal could get you a free iPhone XR — but there’s some fine print

Verizon launched a new deal for its smartphones aimed at encouraging customers to open a new line. If you're willing and you want two new phones, you could get a free Samsung Galaxy S9, iPhone XR, or Pixel 3.
Photography

From DIY to AAA, here's how to take a passport photo in 6 different ways

If you're applying for a passport or renewing one, you need to submit a photo in your official application. There are strict guidelines, but fortunately, it's something you can do at home. Here's how to take a passport photo.
Mobile

OpenTable points can now be used to whittle down cost of a hotel stay

Have some OpenTable Dining Points built up? Now those points can also be used to make your own hotel discounts. OpenTable is teaming up with Kayak to use points as discounts on participating hotels.
Mobile

Get $100 discount on the Razer Phone 2 for a limited time

The Razer Phone 2 is finally here, and it's got upgraded specs, that super-smooth 120Hz display, and an updated design. Here's absolutely everything you need to know about the Razer Phone 2.
Deals

REI slashes prices on Suunto, Garmin, and Fitbit Versa smartwatches

Though fitness trackers and smartwatches can get pretty pricey, REI is offering some sweet discounts on top brands. Right now, you can get a new smartwatch from Fitbit, Suunto, and Garmin for up to 35 percent off its normal price.
Social Media

Twitter suffers privacy scare as bug reveals tweets of protected accounts

If you set your Twitter account to private and you have an Android device, you'd better check your settings now. Twitter says it's just fixed a four-year-old bug that flipped the privacy switch to make the account public.
Wearables

Check out the four cool Swatch watches you can use for mobile payments

Swatch has announced its Swatchpay technology is now available in Switzerland, enabling mobile payments from your Swatch watch. It works in a similar way to Apple Pay and Google Pay. Here's everything about it.
Social Media

Spice up your Instagram videos by adding your top tunes to the soundtrack

Have you ever taken a beautiful video, only to have it ruined by some jerk in the background yelling curse words? Here's a list of apps you can use to add your own music to Instagram posts as well as your Story.
Home Theater

Dolby’s secret recording studio app may soon exit stealth mode

In secret testing since June, Dolby's stealth recording and social network app may soon be ready to make an appearance. Dolby 234 blends unique noise-canceling tech with Instagram-like audio filters.
Business

Google is buying mysterious smartwatch tech from The Fossil Group for $40 million

Google is about to step up its smartwatch game. The company has agreed to buy an unnamed smartwatch technology from The Fossil Group for a hefty $40 million. Considering the acquisition, it's clear Google is serious about smartwatches.