Due to the increasing use of mobile devices and apps to view copyright protected content (e.g. movies) on the go, digital rights management (DRM) protections have primarily been used to protect the digital intellectual property and control their distribution and usage on mobile devices. Unsurprisingly, attackers have sought to circumvent or bypass DRM control in order to obtain unauthorised access to copyrighted content. Given the ongoing and rapidly changing nature of mobile device technologies, it is essential for DRM protection designer to have an in-depth understanding of an attacker's capabilities and the potential attack vectors (e.g. vulnerabilities that can be exploited to bypass DRM protection). In this paper, we propose an adversary model that formalizes the real world capabilities of a DRM attacker targeting Apple iOS devices. We then demonstrate its utility using four Video-on-Demand (VoD) apps, one live TV app, and a security DRM protection module. To avoid similar structural mistakes in future designs, we outline two recommendations.