AAPL Stock: 126.44 ( -0.16 )

Printed from

New malware stealing advertising revenue from jailbroken iOS devices

updated 09:08 am EDT, Wed August 20, 2014

Package changes developer ad ID with that of assailant with Cydia Substrate

A new piece of malware has started infecting jailbroken iOS devices earlier this year. The "AdThief" or "Spad" package hijacks advertising clicks and revenue, and redirects them to the author of the package, rather than the developer who inserted the advertising in the first place. The malware is simple and low profile -- it replaces the developer's ID with the attacker's ID. Mobile ad kits targeted by the AdThief malware are mostly from Chinese vendors, with four in the US, and a pair in India.

Publication Virus Bulletin has likely identified the original author as "Rover12421," who is known for Android hacks. In a public comment in March, he claimed that the package was "closed" and denies having anything to do with the release of the package.

Virus Bulletin (PDF) claims that 22 million ads have had income redirected, but it is unknown how much actual revenue this has generated. The package requires the Cydia Substrate, the layer that allows custom code to be loaded and execute on jailbroken devices. Without the substrate, the virus has no effect and can't install, so un-jailbroken devices remain immune to the attack.

by MacNN Staff



  1. msuper69

    Professional Poster

    Joined: 01-16-00

    Jailbreaking has consequences.
    This is one of them.
    Not surprised nor sympathetic.

  1. ElectroTech

    Junior Member

    Joined: 11-26-08

    It is simple. Pay for your software and quit stealing it. Get an Android phone if you are a cheapskate thieving scum.

  1. Spheric Harlot

    Clinically Insane

    Joined: 11-07-99

    There are other reasons for jailbreaking than being a cheapskate thieving scum.

    Go argue politics if you are a pre-supposing judgemental guy.

  1. climacs

    Mac Enthusiast

    Joined: 09-06-01

    "There are other reasons for jailbreaking than being a cheapskate thieving scum."

    and no matter whether your motive(s) for jailbreaking are good or bad, you are still taking risks and this malware is one of those risks.

  1. Spheric Harlot

    Clinically Insane

    Joined: 11-07-99


  1. Charles Martin

    MacNN Editor

    Joined: 08-04-01

    And this is exactly why I stopped jailbreaking my iPhone (and for the record, I never did so to pirate software; in my case it was done to unlock my out-of-contract iPhone years before AT&T allowed that). I always knew that at some point, the same vulnerabilities that allowed jailbreaking to happen at all were going to be use to introduce malware to the iPhone platform. It was inevitable.

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Prong PWR Case

Ultimately there's one thing we all want from smartphone accessories; we want options. When it comes to keeping our iPhone charged, w ...

iHome iBT74 Color Changing Bluetooth Speaker

There's no reason why your tech can't look good while doing what it was designed to do. That's the reason that sports cars look goo ...

Logitech Gaming Daedalus Prime Mouse

Logitech Gaming continues to expand upon its peripherals line, with each one looking to fit neatly into a breadth of gaming needs. Bui ...


Most Commented