iOS Faces Latest Security Threat
Seems like Apple and iOS can’t catch a lucky break. Ever since the release of iOS 8, the OS for phones has been riddled with multiple issues, although updates and fixes were released almost immediately to fix them. Researchers warn users of a bug in iOS making iPads and iPhones vulnerable to hackers seeking sensitive data.
FireEye Inc., a firm dealing in cyber security published details of the bug on their official blog discussing how vulnerable the bug leaves iOS users to hacking. Tainted with malware, texts, web links and emails the bug enables hackers to access the target’s device. Dubbed “masque attack,” this technique identified by FireEye Inc. replaces genuine software and trusted apps on Apple’s App Store with malicious versions laced with malware. According to the cyber security firm, the bug can steal email and banking login information leaving users open to exploitation.
Despite Apple’s robust security, something it prides itself for, Tao Wei, FireEye has found that the bug bypasses traditional techniques used to hack Windows and Android smart phones. David Richardson, iOS product manager for mobile security firm Lookout, says that the “masque attack” technique exploits Apple’s policy of allowing large firms to release custom-built software without going through the Store. This is different from regular App Store installations, vetted by security, where pop-up notifications notify the user if they decide against installing any app.
FireEye who discovered and disclosed the bug to Apple in July, say that Apple’s representatives are working to fix the bug. Apple did not confirm or deny the bug’s presence yet, although news of this bug has been circulating online on forums in the security expert and hacker community. After WireLurker from Palo Alto Networks Inc., uncovered the bug last week, FireEye had to go public with the news, but hopefully the earlier detection means that a fix is around the corner.