Educause Security Discussion mailing list archives

Re: iPhone contacting a sinkhole

From: Mike Iglesias <iglesias () UCI EDU>
Date: Fri, 20 Nov 2015 12:55:52 -0800

On 11/20/2015 12:44 PM, McClenon, Brady wrote:

We have received three alerts from REN-ISAC in the last month or so about an
address on our network contacting a sinkhole.  In each case the device was a
student’s iPhone on our residential network (a different student in each
case).  I’m curious if anyone else has seen this and if they have had any luck
determining what is causing it.


It's XcodeGhost.

http://www.macrumors.com/2015/09/20/xcodeghost-chinese-malware-faq/

We've had RI notices about this too.  We point the students at the page above
and tell them to remove all the apps noted on the list of apps that page
points to, and then reinstall them if they want them back.


-- 
Mike Iglesias                          Email:       iglesias () uci edu
University of California, Irvine       phone:       949-824-6926
Office of Information Technology       FAX:         949-824-2270

Current thread:

iPhone contacting a sinkhole McClenon, Brady (Nov 20)
- Re: iPhone contacting a sinkhole Mike Iglesias (Nov 20)
  - Re: iPhone contacting a sinkhole Michael Cole (Nov 20)
  - Re: iPhone contacting a sinkhole Michael William Zimmer (Nov 20)
    - Re: iPhone contacting a sinkhole Scott Finlon (Nov 23)
- Re: iPhone contacting a sinkhole Ricardo Fitipaldi (Nov 20)