Masque Attack Leaves Apple Devices Vulnerable

After Apple’s much-publicized iCloud celebrity photo hack in August, Apple’s iOS system is under siege once more.

FireEye recently reported that they discovered a vulnerability in Apple’s iOS software, called “Masque Attack.” This new attack tricks users to download a malicious app with a deceiving name crafted by the hacker like, “New Angry Birds.”

The vulnerability exists because iOS doesn’t enforce matching certificates from apps with the same bundle identifier. Masque Attack couldn’t replace Apple’s own platform apps such as Mobile Safari, but it can replace apps installed from app store.

FireEye has identified 3 steps in which iOS users can protect themselves from Masque Attacks:

1.     Don’t install apps from third-party sources other than Apple’s official App Store or the user’s own organization

2.     Don’t click “Install” on a pop-up from a third-party web page,  no matter what the pop-up says about the app. The pop-up can show attractive app titles crafted by the attacker.

3.     When opening an app, if iOS shows an alert with “Untrusted App Developer”, click on “Don’t Trust” and uninstall the app immediately

Luckily, FireEye hasn’t identified any hackers that have used this method yet. However, it is a warning to users to be careful when downloading apps that don’t come from the official Apple Store.

Masque Attacks can replace authentic apps like banking apps, meaning that the hacker can steal a user’s banking information by replacing an authentic banking app with malware that has an identical UI.

Apple Pay users …beware.

 

Authors

Marta Stone Marta Stone Marta Stone Marta Stone Marta Stone Marta Stone Marta Stone Marta Stone Marta Stone Marta Stone Marta Stone Marta Stone Marta Stone

Try AccelOps FREE for 30 Days

 

Get a Live Product Demo

 

Tags

cloud security big data RSA analytics compliance Q&A PCI DSS HIPAA Sarbanes Oxley (SOX) Target breach

About Accelops

AccelOps provides the leading IT operations analytics platform for the modern data center. The virtual appliance software monitors security, performance and compliance in cloud and virtualized infrastructures – all from a single screen.

 

AccelOps automatically discovers, analyzes and automates IT issues in machine and big data across organizations’ data centers and cloud resources, spanning servers, storage, networks, security, applications and users. AccelOps’ patented analytics engine with cross-correlation and statistical anomaly detection sends real-time alerts when deviations occur that indicate a security or performance-impacting event.

 

The AccelOps platform scales seamlessly and provides unmatched delivery of proactive security and operational intelligence, allowing organizations to be more responsive and competitive as they expand their IT capabilities. 

Keep Social