The new found malware works in a very complicated manner. According to the security company, AceDeceiver uses a method called FairPlay Man-in-the-Middle. In this mechanism, the attackers purchase apps and save the authorization code required for it to work on an iOS device. The iPhone users who download the client called AiSiHelper program which mimics iTunes will now be under the procession of an infected computer.
As soon as the user plug in their iPhone device, attackers can send an authorization code to trick the user’s device to give an impression that it is a paid app. Once the app download is complete on the victim’s phone, it will then prompt them for their Apple ID and password, which the attackers can access.
As per Palo Alto Networks, this method is often used to pirate apps before however, this is the first time FairPlay MITM has been used maliciously. The security firm also suggested that it is a pretty simple method and will be soon copied by other attackers.