0:00
what's going on YouTube GS nor here in
0:02
today's video we're discussing about why
0:04
you should restart your iPhone iPad iPod
0:06
touch right now it's important to do it
0:09
and we're going to get into why this
0:11
video is brought to you by tenor share
0:12
reboot a software that allows you to
0:13
repair a broken iPhone that is no longer
0:15
booting but it can also allow you to
0:17
downgrade from IOS 18 beta if you don't
0:19
like the beta and you want to go back to
0:21
iOS 17 definitely check it out in the
0:23
link below a fre trial is available so
0:25
the biggest reason why you should
0:26
restart your phone from time to time and
0:28
you should do it right now cuz I'm
0:30
pretty sure you haven't in a long time
0:32
is malware yes iOS malware is indeed
0:35
real many people believe that iOS
0:37
malware doesn't exist that Apple
0:39
computers and Apple phones don't get
0:41
malware that's something for Windows
0:43
that's something for Android people
0:45
right well it turns out it isn't and the
0:47
cases of iOS malware have indeed
0:50
increased in the past couple of years
0:52
you got Trojans and adware and
0:54
ransomware and various sophisticated
0:56
attacks now you may think well I'm
0:58
careful enough that I don't download
1:00
applications from third party app stores
1:03
and I'm actually careful what websites I
1:05
use I'm going to tell you that there is
1:06
malware on iOS that requires zero user
1:09
intervention zero clicks zero
1:11
application installs you just get a
1:13
message or an email or really nothing
1:16
and your phone gets infected I'm not
1:18
trying to scare anybody into believing
1:20
that oh you're going to get hacked in
1:22
the next couple of seconds however
1:24
actual malware is completely open source
1:26
and even for the most recent iOS
1:28
versions th seashell for example now
1:30
this is at its core a security framework
1:33
and it's not intended for malware or for
1:35
you know malicious use however it is in
1:38
here to demonstrate how you can actually
1:40
create pretty powerful malware on iOS by
1:43
just taking advantage of some minor
1:45
stuff for example troll store something
1:47
that many people use and I talked in
1:50
detail about it how it works and what
1:53
your device may actually encounter if
1:55
you do get this installed but in a
1:56
nutshell once you are infected with this
1:58
the attacker can have access to
2:00
everything on your device including your
2:02
messages your calendar your contacts
2:04
your photos your bank account anything
2:07
from the device is now in the position
2:09
of the attacker and this is a completely
2:11
open-source tool anybody can download it
2:13
modify it around a little bit and
2:15
distribute it as malware this is not
2:17
even the only case if you think about it
2:19
just a quick search shows that there's a
2:21
lot of iOS malware and the only way to
2:24
stay safe would be to periodically
2:26
restart your device let's take this
2:28
example over here from th guide first
2:30
ever iOS Trojan discovered it's stealing
2:33
facial recognition data to break into
2:35
bank accounts you'd think iOS devices
2:37
are secure and this is only happening on
2:39
Android but the Android attackers that
2:41
developed this kind of malware for
2:42
Android apparently ported it to IOS as
2:45
well because why would they leave us
2:46
behind right and now you can actually
2:49
get this kind of mare even on iOS and to
2:51
make matters even worse they used Apple
2:54
test flight in order to distribute the
2:56
malware for those of you who are unaware
2:58
test flight is a program from Apple that
3:00
allows you to submit as a developer
3:01
applications and have people try them
3:03
out before they reach the App Store like
3:05
beta testers for your own app so for
3:07
example Facebook can issue a test flight
3:10
version of their new app before they
3:11
release the update to the App Store and
3:13
it could be a beta tester and the
3:15
attackers used exactly the test flight
3:17
program in order to distribute facial
3:19
recognition data extracting malware
3:22
definitely not good there's also the
3:24
Pegasus spyware that was a pretty big
3:26
scare a couple of years ago and this one
3:28
worked at that time on the latest
3:30
version and it could read text messages
3:32
and emails access the microphone and
3:34
Camera listen up on your phone
3:35
conversations record your password it
3:37
could do a lot of damage so if you are
3:40
indeed caught up in one of these it's
3:42
not great now yes indeed malware on iOS
3:45
doesn't usually Target the random people
3:47
on the street that have a phone it's
3:49
usually targeted at somebody who is a
3:51
political figure or I don't know in an
3:53
important position in a company they
3:55
usually are targeted attacks however not
3:58
all of them are and with m essentially
4:00
being open source like the seashell
4:02
project over here which can definitely
4:05
be weaponized you could actually
4:06
encounter malware much more often than
4:09
you would believe and just take a look
4:10
at the security content of iOS 17.5 a
4:14
recent iOS version over here there are
4:16
several vulnerabilities patched over
4:18
here that could definitely be exploited
4:19
for that purpose now if you go ahead in
4:21
here you would have at first a couple of
4:23
kernal vulnerabilities which are pretty
4:25
bad to begin with then you have male
4:27
vulnerabilities so an attacker with
4:28
physical access Maybe be able to lck
4:30
mail accounts a maliciously crafted
4:32
email may be able to initiate FaceTime
4:34
calls without user authorization and if
4:36
you scroll all the way down in here for
4:38
example you have webkit vulnerabilities
4:40
and this is bad because webkit is what
4:42
powers Safari so every time you go on a
4:45
website in Safari when you search
4:47
something web kit is active in the
4:48
background doing all the work every time
4:50
you open a web page in an application
4:52
maybe an about page maybe an account
4:54
creation page whatever webkit is active
4:56
and there are tons of webkit
4:59
vulnerabilties around and these could
5:01
definitely be used for various nefarious
5:02
things there's a web kit vulnerability
5:04
patched in 17.5 that says processing web
5:06
content may lead to arbitrary code
5:08
execution so this could essentially be
5:10
used to run attacker's code on your
5:12
device at that point if they chain it
5:14
together with other exploits your device
5:16
could be completely compromised and you
5:17
wouldn't even know it you wouldn't even
5:19
get a notification then we have another
5:21
webkit vulnerability a maliciously
5:22
crafted web page may be able to
5:24
fingerprint the user so essentially
5:26
tracking you processing a maliciously
5:27
crafted web content may lead to code
5:30
execution once again and there are lots
5:32
of this you can actually see there are
5:34
quite a lot of webkit vulnerabilities
5:35
only in this version alone but every
5:37
single major iOS version that Apple
5:40
releases and once the security content
5:42
is out you can see a lot of web kit
5:43
vulnerabilities in there so these all
5:45
can be used by an attacker so what can
5:47
you do is to at least restart your phone
5:50
from time to time because there is
5:51
something called persistence in memory
5:53
so once malware gets to your device for
5:56
example by clicking on a link that you
5:58
shouldn't have clicked on or opening a
6:00
malicious application or even receiving
6:02
a mail that was infected and it used a
6:04
zero click attack on your device that
6:06
malware stays in the memory and as long
6:09
as you do not reboot the phone that
6:11
malware can remain in the memory now
6:13
once you reboot your phone the phone's
6:14
memory gets cleared out and everything
6:16
including the malware gets terminated so
6:19
they would have to reinfect your device
6:21
re-trigger the malware in order to
6:23
infect you again after a reboot there is
6:25
indeed malware that can be persistent
6:27
even after a reboot but those are
6:28
extremely rare and far between most
6:31
types of malware will be cleared out
6:33
once you reboot the phone that's why
6:34
it's a great idea to always reboot your
6:36
phone at least once a week it helps the
6:38
performance and we're going to talk
6:39
about that in another video but it also
6:42
helps prevent malware because the
6:44
illusion that malware doesn't exist on
6:46
iOS and Mac OS is just that an illusion
6:49
you can definitely be infected and you
6:51
should restart your phone just in case
6:53
thank you for watching I am GSN till the
6:55
next time subscribe stay updated and
