back to article We told you jailbreaking your iThing was dangerous

Chinese malware has infected more than 75,000 iPhones and hijacked some 22 million advertisements and stealing revenue from developers on the iOS jailbreak community, virus prober Axelle Apvrille says. The AdThief malware relied on the Cydia Substrate extension present only on jailbroken Apple devices to hijack advertising …

  1. Destroy All Monsters Silver badge


    People click on ads?

    1. ratfox

      Re: Hilarious

      Yeah, I don't get it either. And yet Google makes money somehow, so people must be indeed clicking. And businesses keep buying ads, so they must be convinced that the people who come to their web site because of an ad really wanted to go there, and did not do a fat finger mistake.

      I have never met anybody who clicks on ads, yet they must exist. They are the dark matter of the Internet.

      1. Hans 1

        Re: Hilarious

        Now, I have seen ppl click on the "first results" of google, you know, the ads at the top of the search results ... never seen anybody click on the ads on the side, except myself ... I click on ads I do not like, that way I am sure the suckers have to pay ... ;-)

        On el'reg, for example, I click on ads ... usually microsoft ads, tbh ... ;-)

      2. AceRimmer

        Re: Hilarious

        The great thing about advertising online is that it is one form of advertising where it is easy to measure the benefit. Ad page impressions and clicks are tracked allowing the click rate and increase in revenue to be clearly identified.

        1. Nifty Silver badge

          Re: Hilarious

          Yup, the last time I did Google ad campaign, I used Google Analytics + Statcounter to very carefully measure the cost/benefit - by following ad clicks right through to our checkout, but also checking if users returned later and spent any money. The analysis proved for me that I should cancel Google Adwords!

      3. Observer1959

        Re: Hilarious

        I think some of the ads are deceitful. I often see a small "x" in the corner that looks like it would close an annoying add, but when clicked, instead goes to the site.

        1. Oninoshiko

          Re: Hilarious

          On a phone, I don't find so many deceitful, as that x is just bloody hard to click.

    2. Jimboom

      Re: Hilarious

      I am sure that at least half of those clicks must be from annoyingly placed/popup adverts in kids games.

      1. Fihart

        Re: Hilarious @Jimboom

        Not just games. All sites where ads are deliberately placed next to the scroll bar so that if you drift off it you are hijacked to some ad site.

    3. Don Dumb

      Re: Hilarious

      @Destory All Monsters - "People click on ads?"

      To be fair, on a mobile device (especially an iThing) it is often difficult to avoid clicking the bloody ads, a testament to their obtrusiveness.

      I was on a website the other day that put FULL SCREEN ads in front of the text, just a couple of seconds after the page loads - I tried to click a link in the page only for the advert to jump in the way and take me off to the app store. Another site had adverts that jump into the bottom portion of the page when you're not scrolling, naturally you tap the bottom of the screen to scroll up but only succeed in clicking on the advert that has just re-appeared.

      And companies wonder why we want ad blocking?

      If it was just the Google promoted searches I wouldn't be upset. To my mind, those adverts are solicited (I have searched for those terms) and not damaging to my use of Google, I can see their sponsored links at the top and decide to click them just like any other link. Most of all they don't get in the way, don't suck down massive bandwidth, don't introduce endless vunerabilities and are often what I am looking for. Similarly, the adverts on El Reg aren't obtrusive, I can tolerate those as a cost of the services provided. If websties had ads like that, ad blocking probably wouldn't be as essential. But sponsored search results and Reg adverts are the rare expction compared to the flash/video monstrosoties on most sites that hijack my browsing and my mobile bandwidth.

      1. A K Stiles

        Re: Hilarious

        Ads on el-reg aren't obtrusive? Well, except when they are the Microsoft / Lotus F1 style, autoplay video, or the mouse-over expanding ones... I specifically don't run ad-block on here because I want the reg hacks to get paid for the drivel / articles (delete as appropriate) they post, but those MS adverts were coming very close to making me re-enable it again!

    4. Paratrooping Parrot

      Re: Hilarious

      As an Android user, I have accidentally tapped on ads with my finger. However, what I have done is to make the phone ask me which browser it should use to activate the ad. So, I can get a second chance and click cancel. :)

  2. jake Silver badge

    The ignorant abound.

    Consumers have no clue about security. Multi-billion dollar multi-national corporations take advantage of of that lack of clue to push b0rken products on the GreatUnwashed.

    Is there an answer to this obvious problem? I doubt it ... there is a reason governments world-wide are cutting funding to the most basic of basics, education.

    1. Anonymous Coward
      Anonymous Coward

      Re: The ignorant abound.

      "Multi-billion dollar multi-national corporations take advantage of of that lack of clue to push b0rken products on the GreatUnwashed."

      Read much?

      The exploit only works on jail broken iphones i.e. phones whose security has been intentionally compromised by the user

  3. Steve Davies 3 Silver badge


    There is something to be said for the apple walled Garden

    {ducks to avoind incoming missiles}

    mines the one with an old dumb Nokia in the pocket.

    1. Longrod_von_Hugendong

      Re: Perhaps

      Yours could also be the new dumb Nokia with Windoze fone 8.1 in the pocket...

    2. GregC

      Re: Perhaps

      There are many things to be said about the Apple walled garden. In the context of security I'd describe it as a sticking plaster over user ignorance/stupidity (delete as you feel appropriate) and an encouragement to users to abdicate any responsibility for their own device and it's security.

    3. Jonathan Bliss

      Re: Perhaps

      Totally agree.

      I have no idea why you would jailbreak an Apple device. You can get as good or arguably better (depending on your needs) hardware more cheaply on an Android device that you can happily lift the hood if you want. Or you can buy an Apple device that does what it does brilliantly and fairly securely but doesn't let you do anything else; and charges you a premium for it.

      Both approaches have something to say for them and both have their fans. Jailbreaking your Apple things seems to create the worst of both worlds, pay more for less security, less real root access than you get on Android and hassle every time you want to upgrade.

      1. robin thakur 1

        Re: Perhaps

        It's not exactly a bed of roses on Android. Having tired of how sluggish my Samsung Galaxy S5 was, I rooted my HTC one m8 and installed twrp recovery and that managed to block OTA updates. In trying to do something so out there as installing the new OTA update from HTC, it unaccountably left my phone in a bootloop and I had to reinstall a factory rom image, losing all my data. Stupidly I had assumed it was backing up every night to the cloud automatically a la iPhone and lost everything.

        I only rooted it so that I could get the dot view case to display alerts from Hangouts (even rooted it still doesn't work) and allow me to put a different lock screen on it, Dashclock, which also doesn't quite do what I want (I want it full screen so I don't have to drag it down to full screen every time) neither of which you could do OOTB on that phone.

        Now this might be different on a Nexus device, but my experience of Android's 'flexibility' is decidedly variable and it does generally require that you root your phone, compromising the security unless you install something like Super SU. Compared to what you are losing in terms of convenience and the fact that iOS is pretty much at feature parity now with far better hardware quality, long story short, my next phone will be an iPhone 6 when it gets released.

  4. Mark Simon

    Ads are good …

    I use them to work out which vendors to avoid.

    Anybody who begins a business relationship by annoying me is just setting the scene.

    1. lurker

      Re: Ads are good …

      Yup, nothing has done more to damage my opinion of oracle than having to uncheck the bloody 'ask toolbar' option every time java needs an update (which seems to be every day ending in a 'y' as far as I can work out). Just makes them look cheap: "You're a multinational seller of enterprise software, and yet you need to make that extra buck by bundling crapware with your installers?"

  5. Neil 44


    One of the obvious things to install when you have jailbroken / rooted a device is an adblocker - which surely would kill this attack pretty effectively...

    (I'm assuming they exist for iDevices... I know they are not available on the Google Playstore - but if you're capable of rooting a phone, they are easy to find and install)

  6. Ho Ho Hipster

    So this is doing a favour to users?

    By making life less attractive to those spaffing unwanted adverts at them?

    It seems to be one up for jailbroken devices and one down for intrusive spaffers.

  7. ravenviz

    Scores of iPhones

    More than 3750 scores then?

  8. Anonymous Coward
    Anonymous Coward

    I like it

    I hate ads, and if somebody can divert the monies away from the advertisers, great!

  9. Someone Else Silver badge

    No honor among thieves

    (The 'thieves' I was referring to are, of course, the "advertisers", and their proxies -- the developers who enable them.)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021