How can Masque Attack Exploit iOS Device through Apps

How can Masque Attack Exploit iOS Device through Apps?

Android have been a target for cyber crooks for a long time, but now it seems that their attention has been turned towards iOS devices. Apple used to say that hacking their devices is not feasible because of their incorruptible mobile application security,  but now hacking an iPhone has become possible due to one single app.

Ipads and iPhones are now vulnerable to cyber attacks because of a security flaw in the mobile iOS operating system of Apple. Cyber security firm FireEye published the details about this vulnerability on its blog, saying that the bug allows hackers to gain entry into devices by making users download infected iOS applications on their iPad or iPhone through bugged text messages, web links and emails.

Trusted Apps Are Being Replaced by Masque Attacks

The malignant iOS app can be used to change legitimate apps such as social networking or banking apps. Those apps that were installed through Apple’s official App Store are changed through a technique that FireEye is calling “Masque Attack”.

The researchers, on the company blog said, “This vulnerability exists because iOS doesn’t enforce matching certificates for apps with the same bundle identifier. An attacker can leverage this vulnerability both through wireless networks and USB.”

This technique can be used by cyber attackers to steal credentials such as banking and email logins and other critical user information.

As per security researchers, Masque attack works on Apple’s mobile operating system whether or not the device is jailbroken. The attack works on the 8.1.1 beta version and all of the iPhones and iPads running iOS 7 or later, as well as iOS 7.1.1, 7.1.2, 8.0, 8.1.

According to FireEye, a large majority, approximately 95 percent, of all iOS devices used right now are vulnerable to this attack.

More Dangerous as Compared to Wirelurker

The technique of this attack is the same as Wirelurker malware attack. The attack was discovered at a security firm called Palo Alto Networks and it was targeting Apple users in China. It allowed illegal apps that were created to steal information to be downloaded from the internet. But the Masque attack is a much bigger threat than Wirelurker.

Impact of Masque Attack:

Masque attack impacts mobile apps that were installed on an iOS device through this technique will:

  • Copy the authentic app’s login interface to swipe the victim’s login details.
  • Access personal information from local data caches.
  • Conduct background checks of the user’s device.
  • Gain root access to the iOS device.
  • Be identical to the genuine app.

Solution:

 iOS users can save themselves from this attack with the following steps:

  • Do not install apps from any other source but, Apple’s official App Store.
  • While viewing a web page do not click “install” from a third-party pop-up.
  • While opening an application, if the following information pops up “Untrusted App Developer”, you should uninstall the app at once by clicking on “Don’t Trust”.

 



Let us know what you think