Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.
08-07-2012, 06:07 PM #1New adware/malware found in Cydia
I just discovered today that there is some adware/malware in Cydia, from at least one of the free programs made by Nobitazzz.
Since I installed the app called "iOS 6 Photos Menu" my iPhone started to download/upload a lot of Mb, regardless by Wifi or 3G.
I will not bore you with all the things I did to discover which app was the problem, but I will show you this images:
This are captures of my traffic from iPhone to internet during 5 minutes WHEN IT WAS LOCKED. Here you can see that the iPhone was calling, 3723 times, pages for ads.
And you can see that the page ptp4ever.net is paying Nobitazzz as the 3th most ranked user of its web, based on clicks.
But all this happens with total disregard of the user, and without any notice.
All this is unfair, for the user because of the waste of MB from his data plan, but more for the publicists that are paying for clicks and ads that no one see, because all this happens in a second plane.
I have uninstalled this app and no more calls to ptp4ever.net were done until now. In any case I will continue watching my traffic in the next days to ensure that all is clean. If not, I will need to reinstall iOS.
So, BE CAREFUL, YOU CAN INSTALL ADWARE without knowing it.
If some one need the log I made with Wireshark to analyze this info, I can send it.
I tried to communicate with Saurik to tell him this, but I could only send him a message on Twitter (I didn't find another contact).
The Following User Says Thank You to Pokepasa For This Useful Post:
08-07-2012, 06:40 PM #2
The Following User Says Thank You to H4CK3R For This Useful Post:
08-07-2012, 07:43 PM #3
Thanks for keeping an eye out.
The usual method for reporting problems is to tap "Author" at the top of the package page in Cydia, where you'll see options for emailing the developer, the repository manager, and saurik. Emailing all three can be appropriate for significant problems.
We'll talk to this developer - it's not OK to sneakily fetch ads in the background.
08-08-2012, 03:03 AM #4
[email protected], but unfortunately my hotmail account throwed a delivery error to this account.
It will be great if you can contact developer. It will be very dangerous that Cydia begins to have malicious software, because it can dramatically lower confidence on it.
We must be vigilant, Cydia is the key for all of us to have a little freedom on our favorite mobile OS.
Will you contact Saurik directly or must I write him?
08-08-2012, 03:33 AM #5
Last edited by Pokepasa; 08-08-2012 at 04:04 PM. Reason: Duplicated post, sorry
08-08-2012, 02:56 PM #6
I have already talked to saurik, the repository manager, and this developer (his email address works OK for me). The developer said his product would no longer sneakily fetch ads. I'll keep an eye out for further reports of trouble. Thanks again!
08-08-2012, 04:07 PM #7
Ok, perfect. This confirm all my investigation and closes this episode.
Today no suspictious traffic in my iPhone. All seems to be right.