Researchers develop iOS keylogger




Security researchers have developed a method that allows them to register all iOS actions of a user through an application and send it to a server. The app also works on iPhone without jailbreak, because researchers can bypass the App Store.

Employees of the security company FireEye show on their blog a proof-of-concept app that they can distribute. outside the App Store The app runs in the background and is capable of information on all actions of the user store, so too are touching the touchscreen stored, including screen coordinates. The app has been tested on iOS 7.0.4, but works according to the researchers also versions 7.0.5, 7.0.6 and 6.1.x.

Users can specify the settings which apps can keep running in the background. However, applications can bypass this setting for specific purposes. For example, if an application indicates that music should continue to play, the app automatically allowed to run in the background.

Because of the rigorous review process by Apple such an app would never be allowed in the App Store, the researchers FireEye were found to circumvent the App Store one way. Through phishing they can persuade a user to install the app. It is also possible via a vulnerability in another app. The researchers have disclosed no further information on the methodology used. They claim to be working to fix the problem. Along with Apple


In: Technology & Gadgets Asked By: [15554 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »