Criminals steal data by replacing original iPhone app




Researchers have managed to steal data from an iPhone, including emails and text messages. By a rogue app The application replaces an authentic app installed via the App Store. Apple has not released any solution to the leak of iOS 7 and 8.

Discovered researchers at the US security firm FireEye. They have a video that shows how the attack works. Put online Attackers would already apply the method in practice, finds FireEye.

The attack is called Masque Attack and allows an attacker to an authentic iOS application replaced by a malicious program. Before that, he sends a text message with a link to the victim. Who goes to a site once he clicks on the link. The site then shows whether the user wants to install an application, such as the popular game Flappy Bird.

The attacker an authentic iOS app replaced through the site. In the video FireEye demonstrates how the Gmail app is replaced by the installation of the so-called Flappy Bird game. This is possible because Apple does not check or use apps with the same Bundle ID same certificate.

Not stop there, as the researchers show. They show that the fake Gmail app can read the topics and content of emails in Gmail and send it to the attacker. Malware can also send text messages to server. A reboot does not make that message forwarding is broken.

In theory Masque Attack dangerous than the recently discovered Wirelurker which a USB connection to a PC or Mac is required. That malware spreads itself via infected apps in the Maiyadi application store for OS X and tries to infect iOS devices after an infection.

According FyreEye malicious use Masque Attack already in the wild. The attack works with iOS 7.1.1, 7.1.2, 8.0, 8.1 and 8.1.1 beta. It does not matter if Apple’s software is cracked or not and all official applications from the App Store to be replaced, except for the software that Apple itself flour evert on iOS devices. FireEye has Apple in July already been informed about the leak, but the US company has not yet given patch.

According to security users can protect themselves by Masque Attack to install apps outside the App Store or the own organization. In addition, according to the company users never have to ‘install’ button when a website tries to install an application. Also, they should not allow unknown developers, says FireEye.


In: Technology & Gadgets Asked By: [15532 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »