This claim is FUD as Apple has already closed the vulnerability
Apple announced yesterday that all versions of iOS since the update to iOS 8.4 which was released on June 30, 2015 are immune to YiSpecter. The immune versions include all devices with iOS 8.4.1, iOS 9, 9.0.1, and iOS 9.0.2 installed. . . so if you are a user with those iOS versions installed, there is nothing to worry about.
To get infected you have to be using an iPhone or iPad using a version of iOS 8.3 or older and then download an app from a NON-Authorized source (an un-authorized App Store or website), ignoring the warnings, and allow it to install. These are basically side-loaded using Enterprise Business Certificated apps which were intended to allow businesses to install and update their private proprietary apps on employees' devices.
This is something that has been a practice and a problem in China for a number of years and has fostered a number of third-party unauthorized app stores selling un-authorized apps, mostly to jailbroken iPhones using borrowed or stolen Enterprise certificates. Last year almost 65% of the apps on these stores had some kind of malware associated with them. . . These side-load stores were also the source of the over 4000 XcodeGhost apps that were falsely attributed to being in the Chinese Apple Store when there were actually fewer than fifty.
Biting the hand that feeds IT
