AAPL Stock: 129.97 ( + 1.51 )

Printed from

New malware stealing advertising revenue from jailbroken iOS devices

updated 09:08 am EDT, Wed August 20, 2014

Package changes developer ad ID with that of assailant with Cydia Substrate

A new piece of malware has started infecting jailbroken iOS devices earlier this year. The "AdThief" or "Spad" package hijacks advertising clicks and revenue, and redirects them to the author of the package, rather than the developer who inserted the advertising in the first place. The malware is simple and low profile -- it replaces the developer's ID with the attacker's ID. Mobile ad kits targeted by the AdThief malware are mostly from Chinese vendors, with four in the US, and a pair in India.

Publication Virus Bulletin has likely identified the original author as "Rover12421," who is known for Android hacks. In a public comment in March, he claimed that the package was "closed" and denies having anything to do with the release of the package.

Virus Bulletin (PDF) claims that 22 million ads have had income redirected, but it is unknown how much actual revenue this has generated. The package requires the Cydia Substrate, the layer that allows custom code to be loaded and execute on jailbroken devices. Without the substrate, the virus has no effect and can't install, so un-jailbroken devices remain immune to the attack.

by MacNN Staff



  1. msuper69

    Professional Poster

    Joined: 01-16-00

    Jailbreaking has consequences.
    This is one of them.
    Not surprised nor sympathetic.

  1. ElectroTech

    Junior Member

    Joined: 11-26-08

    It is simple. Pay for your software and quit stealing it. Get an Android phone if you are a cheapskate thieving scum.

  1. Spheric Harlot

    Clinically Insane

    Joined: 11-07-99

    There are other reasons for jailbreaking than being a cheapskate thieving scum.

    Go argue politics if you are a pre-supposing judgemental guy.

  1. climacs

    Dedicated MacNNer

    Joined: 09-06-01

    "There are other reasons for jailbreaking than being a cheapskate thieving scum."

    and no matter whether your motive(s) for jailbreaking are good or bad, you are still taking risks and this malware is one of those risks.

  1. Spheric Harlot

    Clinically Insane

    Joined: 11-07-99


  1. Charles Martin

    MacNN Editor

    Joined: 08-04-01

    And this is exactly why I stopped jailbreaking my iPhone (and for the record, I never did so to pirate software; in my case it was done to unlock my out-of-contract iPhone years before AT&T allowed that). I always knew that at some point, the same vulnerabilities that allowed jailbreaking to happen at all were going to be use to introduce malware to the iPhone platform. It was inevitable.

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines


Most Popular


Recent Reviews

Moshi iVisor AG and XT for iPad Air 2

Have you ever tried to put in a screen protector that relies on static to cling to the screen? How many bubbles and wrinkles does it h ...

OmniPlan (OS X, iOS)

We reviewed the Omni Group's most famous Mac software, a To Do app called OmniFocus, back in June 2014, and we were impressed. Some o ...

Epson PowerLite Home Cinema 3500 projector

Trying to find the perfect projector for a home theater can be tricky, as there are bountiful options on the market from a large numbe ...


Most Commented