According to recent information released by FireEye, an iPhone security bug leaves your device susceptible to hackers, who are using malicious apps to crack into iOS devices.
Gone are the days when iPhone owners would feel safer than Android owners. Hackers are finding more sophisticated ways to crack into devices such as the iPhone, and recent findings suggest that a security bug allows hackers to fool your device into downloading malicious applications.
This malicious app acts as an actual iPhone application, runs as one, but serves as a covert gateway that hackers can use for various purposes. This information was only obtained after FireEye, a security firm, examined more than 400 GB of corporate data that had been leaked during a security breach of a firm that had been collaborating with various governments and intelligence services.
But similar malicious applications have already been replicating popular apps such as Viber, Skype, WhatsApp, Twitter and Facebook. The only means to tell it apart from the actual app is to know that it only acts in conjunction with a notification message or phishing email: basically, you can only download that particular application by clicking on the link provided in the message or link.
Masque attacks have been an issue that FireEye has been cautioning users about, yet these recent attacks are believed to be the first ever to occur outside of a test laboratory environment.
In total, FireEye reports to having identified eleven distinct iOS applications using such masque attacks. This is the first time that iOS malware has targeted non-jailbroken iPhones and iOS devices.
“It could look identical to the standard app but have extra functionality,” Simon Mullis, FireEye global technical lead explains. These applications function much like a normal app, however, they hijack your device’s communication avenues and steal information and login credentials.
FireEye hasn’t identified the number of users affected by these masque attacks.
Photo credits: 1