
ATTENTION ALL IPHONE USERS

Vulnerability Leaves iPhones and iPads open to Fake App Attack

 


















Security researchers have discovered a vulnerability in iPads and iPhones that allows attackers to install fake apps that replace real ones.
FireEye, a mobile security company, said the problem, which it calls "Masquerade Attack," allows attackers to gain access to enormous amounts of personal information.

In a video demonstration of the attack, an iPhone was sent an email containing a URL link to install a new version of the "Flappy Bird" game. When the user clicked the link, the iPhone asked the user to confirm installation of the game, but once the user clicked the confirmation, what was actually downloaded and installed was a compromised version of the Gmail app.

The new Gmail app, which replaced the real one, mimicked it and worked like the real one, making it difficult for a user to detect the change. Unknown to the user, it uploaded the user's entire inbox in the background to a server run by the attacker. A second part of the attack, also demonstrated in the video, gives the attacker access to all text messages sent to the phone.

Access to both email and SMS messages is frightening enough, but is especially problematic as both are used for password reset links and security PIN codes for access to apps and, sometimes, bank accounts.

This vulnerability exists in iOS versions 7.1.1, 7.1.2, 8.0, and 8.1.1 beta. It is possible because iOS doesn't check the validity of an app's bundle identifier (an ID string carried by each app that is supposed to be unique). If a fake application uses the same bundle identifier as a legitimate app, iOS doesn't question it, even if it comes from a different source, said FireEye.
Bowing to enterprise demand, Apple a year ago introduced the ability for IT to directly provision apps to iOS devices, bypassing the Apple App Store. The Masquerade Attack exploits that capability.

The only apps that are resistant to the attack are those that are preinstalled.
FireEye said it notified Apple about the problem on July 26.
Users can protect themselves against such attacks by only installing apps from Apple's App Store or a trusted enterprise store. Users are advised not to click Install on pop-ups from third-party websites, no matter what reassurances are given, and to click Don't Trust if the iPhone or iPad presents a pop-up saying the developer is not trusted.

To see if any apps have already been installed this way, iOS 7 users can check the provisioning profiles in the Settings app (General > Profiles) for suspicious entries, said FireEye. Phones running the latest iOS 8 don't show provisioning profiles, so such a check is not possible, the company said.
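For administrators who vet IPA files before distributing them through an enterprise store, the check that the article says iOS omits can be done at intake. The following is an added example, not code from FireEye or Apple: it reads the bundle identifier and provisioning profile from an IPA and flags a known bundle identifier signed by an unexpected team. The baseline table, team IDs and sample archive are constructed placeholders, and the script reads metadata only; it does not verify the code signature.

```python
import io
import plistlib
import re
import zipfile

# Constructed baseline: bundle identifier -> team ID expected to ship it.
# Both values are placeholders, not real vendor data.
EXPECTED_SIGNER = {"com.example.mail": "TEAMGOOD01"}

def inspect_ipa(data: bytes) -> dict:
    """Extract bundle ID and provisioning details from an IPA (a zip archive)."""
    with zipfile.ZipFile(io.BytesIO(data)) as ipa:
        names = ipa.namelist()
        pattern = r"Payload/[^/]+\.app/Info\.plist"
        info_name = next((n for n in names if re.fullmatch(pattern, n)), None)
        if info_name is None:
            raise ValueError("no Payload/<name>.app/Info.plist in archive")
        info = plistlib.loads(ipa.read(info_name))  # handles XML and binary plists
        meta = {"bundle_id": info["CFBundleIdentifier"],
                "team_id": None, "all_devices": False}
        prov_name = info_name.replace("Info.plist", "embedded.mobileprovision")
        if prov_name in names:
            # The profile is a CMS-signed blob wrapping an XML plist; slice it out.
            blob = ipa.read(prov_name)
            start, end = blob.find(b"<?xml"), blob.find(b"</plist>")
            if start != -1 and end != -1:
                prof = plistlib.loads(blob[start:end + len(b"</plist>")])
                meta["team_id"] = (prof.get("TeamIdentifier") or [None])[0]
                # ProvisionsAllDevices marks an enterprise (in-house) profile.
                meta["all_devices"] = bool(prof.get("ProvisionsAllDevices", False))
    return meta

def assess(data: bytes) -> str:
    """Classify an IPA against the baseline of expected signers."""
    meta = inspect_ipa(data)
    expected = EXPECTED_SIGNER.get(meta["bundle_id"])
    if expected is None:
        return "unknown-bundle-id"
    if meta["team_id"] is None:
        return "no-profile"  # signer must be established some other way
    return "signer-matches" if meta["team_id"] == expected else "bundle-id-collision"

def build_sample_ipa(bundle_id: str, team_id: str) -> bytes:
    """Build a minimal, unsigned, constructed IPA-shaped zip for the demo."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("Payload/Sample.app/Info.plist",
                   plistlib.dumps({"CFBundleIdentifier": bundle_id}))
        prof = plistlib.dumps({"TeamIdentifier": [team_id], "ProvisionsAllDevices": True})
        z.writestr("Payload/Sample.app/embedded.mobileprovision", b"\x30\x82" + prof + b"\x00")
    return buf.getvalue()
```

A result of `bundle-id-collision` means the archive claims an identifier that belongs to an app in the baseline but carries another team's provisioning profile, which is the condition the article describes.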
