SecurityRisk.Zerghelp

Updated: February 24, 2016
Infection Length: 21,506,666
Risk Impact: Low
Systems Affected: iOS

Behavior

SecurityRisk.Zerghelp is a detection for an iOS application that can bypass security restrictions on the device.

Antivirus Protection Dates

  • Initial Rapid Release version February 22, 2016
  • Latest Rapid Release version September 22, 2016 revision 024
  • Initial Daily Certified version February 22, 2016
  • Latest Daily Certified version September 22, 2016 revision 025
  • Initial Weekly Certified release date February 24, 2016

When the program is executed, it connects to the following remote location:
  • xyzs.com

This website displays applications that are reportedly not approved for distribution on Apple's official App Store.

If a user chooses to obtain an application from this site, the program downloads and installs the selected application by signing it with a certificate. The program obtains this certificate in an inappropriate way, directly from Apple servers.

When the program is executed outside of China, it may disguise itself as a nonmalicious app in order to evade code reviews on the App Store.