+ Reply
Results 1 to 7 of 7

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: New adware/malware found in Cydia

is a discussion within the

Cydia Support

forums, a part of the

Native iPhone / iPod Touch App Discussion

section;
Hi all I just discovered today that there is some adware/malware in Cydia, from at least one of the free programs made by Nobitazzz. Since I installed the app called
...
  1. #1
    What's Jailbreak? Pokepasa's Avatar
    Join Date
    Aug 2012
    Location
    Spain
    Posts
    4
    Thanks
    2
    Thanked 1 Time in 1 Post
    Angry New adware/malware found in Cydia
    Hi all

    I just discovered today that there is some adware/malware in Cydia, from at least one of the free programs made by Nobitazzz.

    Since I installed the app called "iOS 6 Photos Menu" my iPhone started to download/upload a lot of Mb, regardless by Wifi or 3G.

    I will not bore you with all the things I did to discover which app was the problem, but I will show you this images:

    New adware/malware found in Cydia-httprequets.jpgNew adware/malware found in Cydia-nobitazzz.jpgNew adware/malware found in Cydia-ptp4ever.jpg

    This are captures of my traffic from iPhone to internet during 5 minutes WHEN IT WAS LOCKED. Here you can see that the iPhone was calling, 3723 times, pages for ads.

    And you can see that the page ptp4ever.net is paying Nobitazzz as the 3th most ranked user of its web, based on clicks.

    But all this happens with total disregard of the user, and without any notice.

    All this is unfair, for the user because of the waste of MB from his data plan, but more for the publicists that are paying for clicks and ads that no one see, because all this happens in a second plane.

    I have uninstalled this app and no more calls to ptp4ever.net were done until now. In any case I will continue watching my traffic in the next days to ensure that all is clean. If not, I will need to reinstall iOS.

    So, BE CAREFUL, YOU CAN INSTALL ADWARE without knowing it.

    If some one need the log I made with Wireshark to analyze this info, I can send it.

    I tried to communicate with Saurik to tell him this, but I could only send him a message on Twitter (I didn't find another contact).

  2. The Following User Says Thank You to Pokepasa For This Useful Post:

    raduga (08-24-2012)

  3. #2
    H4CK3R's Avatar
    Join Date
    Jan 2012
    Location
    java.lang.IllegalStateException: Location unknown.
    Posts
    5,834
    Thanks
    63
    Thanked 264 Times in 253 Posts

    Great minds discuss ideas.
    Average minds discuss events.
    Small minds discuss people.

  4. The Following User Says Thank You to H4CK3R For This Useful Post:

    Pokepasa (08-08-2012)

  5. #3
    Official SaurikIT Support
    Join Date
    Mar 2011
    Location
    Santa Barbara, CA
    Posts
    332
    Thanks
    1
    Thanked 66 Times in 45 Posts

    Thanks for keeping an eye out.

    The usual method for reporting problems is to tap "Author" at the top of the package page in Cydia, where you'll see options for emailing the developer, the repository manager, and saurik. Emailing all three can be appropriate for significant problems.

    We'll talk to this developer - it's not OK to sneakily fetch ads in the background.

  6. The Following 2 Users Say Thank You to brittag For This Useful Post:

    Pokepasa (08-08-2012), raduga (08-24-2012)

  7. #4
    What's Jailbreak? Pokepasa's Avatar
    Join Date
    Aug 2012
    Location
    Spain
    Posts
    4
    Thanks
    2
    Thanked 1 Time in 1 Post
    Quote Originally Posted by brittag View Post
    The usual method for reporting problems is to tap "Author" at the top of the package page in Cydia, where you'll see options for emailing the developer, the repository manager, and saurik. Emailing all three can be appropriate for significant problems.
    I saw the option to talk Author and Repository Manager. The author email was [email protected], but unfortunately my hotmail account throwed a delivery error to this account.

    It will be great if you can contact developer. It will be very dangerous that Cydia begins to have malicious software, because it can dramatically lower confidence on it.

    We must be vigilant, Cydia is the key for all of us to have a little freedom on our favorite mobile OS.

    Will you contact Saurik directly or must I write him?

  8. #5
    What's Jailbreak? Pokepasa's Avatar
    Join Date
    Aug 2012
    Location
    Spain
    Posts
    4
    Thanks
    2
    Thanked 1 Time in 1 Post
    Duplicated
    Last edited by Pokepasa; 08-08-2012 at 04:04 PM. Reason: Duplicated post, sorry

  9. #6
    Official SaurikIT Support
    Join Date
    Mar 2011
    Location
    Santa Barbara, CA
    Posts
    332
    Thanks
    1
    Thanked 66 Times in 45 Posts

    I have already talked to saurik, the repository manager, and this developer (his email address works OK for me). The developer said his product would no longer sneakily fetch ads. I'll keep an eye out for further reports of trouble. Thanks again!

  10. #7
    What's Jailbreak? Pokepasa's Avatar
    Join Date
    Aug 2012
    Location
    Spain
    Posts
    4
    Thanks
    2
    Thanked 1 Time in 1 Post
    Ok, perfect. This confirm all my investigation and closes this episode.

    Today no suspictious traffic in my iPhone. All seems to be right.

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts