Press Release Archive

Wandera detects Semi Jailbreak in the wild, a new mobile threat for enterprises

Threat goes undetected by common jailbreak detection tools

LONDON, 2nd September 2015: Wandera, the provider of advanced mobile threat prevention for enterprises, has begun to find numerous new incidences of the mobile threat, Semi Jailbreak (SemiJB), which affects iOS versions up to 8.4.1. SemiJB allows users to install applications, games and themes using the SemiJB Cydia app store, where apps may not have undergone the standard Apple vetting processes.

How it works
The process utilises a provisioning profile to enable the installation of the vShare App (the default SemiJB launcher), which takes on the role of SemiJB app store. This app store contains different applications available for download including official and third party apps.

SemiJB is not a full-blown jailbreak process, where users are granted root privileges over the device; consequently common jailbreak detection mechanisms are unable to detect it.

There are several security implications for the corporation when SemiJB devices are used by employees:

  • Unverified apps from unknown developers can be downloaded onto the device and allowed onto the corporate network.
  • User privacy can be compromised
  • Apps built with weak security increase the risk of leakage of sensitive data
  • The vShare app itself can lead to privacy violations such as making user credentials visible, leaking the device name, and information about apps already installed on a device

Comment from Eldar Tuvey, CEO of Wandera
“This is a relatively new threat – detected in 10 enterprises on our network, in the US and UK but the rate of infection seems to be accelerating. Because of its nascent nature, it is going undetected by many current jailbreak detection mechanisms. The vShare app in particular has the potential to put enterprises and their data at real risk. We believe the only way to effectively protect corporate networks against these kind of threats is by being on the device and in the cloud. In order to protect corporate networks and have hope on detecting advanced threats, we recommend enterprises take a multi-dimension approach to their mobile security.”

Wandera has alerted its customers to the potential new threat through its Threat Advisory Series, which provides technical analysis of unique and significant mobile threats detected in Wandera’s global network of enterprise mobile devices.

More information about Semi Jailbreak can be found here.

About Wandera
Wandera is the leader in mobile data security and management, protecting enterprises with real-time threat prevention, compliance and data cost management. Wandera’s multi-level architecture, which includes a pioneering cloud gateway for mobile, offers unrivalled visibility and control. With the industry’s largest mobile dataset, Wandera analyzes billions of daily inputs across its network in real-time to detect emerging mobile attacks and protect sensitive company data. Founded in 2012, Wandera is headquartered in San Francisco and London. For more information visit the website wandera4.wpengine.com