Double-dipping malware steals iOS creds and roots Android

Old Apples, modded Androids, most at risk from Chinese DualToy trojan.

By Darren Pauli

A newly-outed trojan is exploiting iOS and Android devices, ripping iCloud credentials abusing the trusted link between phones and PCs, says Palo Alto security researcher Claud Xiao.

The attack appears to have failed in most circumstances, thanks to iOS’ sandboxing security controls, hardened modern Android operating systems, and the overt nature of the attack, and will flunk in all current attacks given the expiration of a certificate.

To read the entire article, please click here.