A recently-discovered vulnerability in Apple’s mobile operating system could potentially allow attackers to con users into replacing apps that have access to personal information with hacked versions that relay this info to malicious sources. These hacked apps are said to be distributed via email or through web links and installed using iOS’s enterprise provisioning system which allows apps to be added to a device from places other than the App Store.
According to the security firm, FireEye, the vulnerability, which is dubbed “Masque attack” is possible mainly because iOS doesn’t verify that the code signing certificate is the same for apps that use the same bundle identifier. An app with the same bundle identifier as that of let say Angry Birds could be installed on top of the legitimate Angry Bird app as it basically copies the latter’s user interface but sends login data back to the attackers’ servers instead. The only apps that are said not to be affected are default apps such as Safari and Mail. The security firm claims they notified Apple of the issue at the end of July but the current version of iOS continues to remain vulnerable to the attack.
Those of you interested in watching a demo of the vulnerability can do so below:
The Masque attack as a whole can be seen as a form of phishing which is a malicious form of tricking users into submitting sensitive data to real looking website that are in actuality fake. Apple hasn’t responded to the issue just yet but the Cupertino California company likely will as the issue becomes more public.
Source: FireEye via AppleInsider
Message