Tuesday, May 24, 2016

Masque Attack Security Flaw In iOS Replaces Legitimate Apps With Malware

Masque Attack is a brand new thrt to and all iOS users. It replaces legitimate, App Store downloaded apps with ones loaded with malware. It rlly isn't something that you want to happen to your device and in this post we give you the hds up on all the information that we have received so far. This thrt was discovered back in July 2014, when installing an app using �enterprise/ad-hock� provisioning that it could replace a uine app on your iOS device if it had the same �bundle identifier�. This app could display the title it wanted during the installation process but once on the device, this malware could then replace any user-installed app, but not the pre-installed ones from Appple. FireEye says that it informed about this back on the 26th of July, but since then, the tm of resrchers have verified that this vulnerability still exists in iOS 7.1.1, 7.1.2, 8.0, 8.1, and the new iOS 8.1.1 beta. The vulnerability and thrt remains for both jail and non-jail devices as Masque Attack works through wireless networks as well as USB connections. The previous thrt that we saw, WireLurker which infected iOS devices through Macs using USB, was also using Masque Attack's ghosting in limited form. responded to WireLurker after news of it sprd and FireEye believes that the thrt from Masque Attack is far grter than WireLurker could ever have posed. They have said that the malware can replace authentic apps such as banking ones and replace them with ones from the attacker. Such apps can even sport the same UI as well ensuring that the attacker is able to collect all your personal details. Another surprising fact is that this malware can even access the original app's local data which wasn't removed when the original app was replaced. This data may contain cached emails, or login-tokens, which the malware can then use to log into the user's account directly. FireEye has also taken note of the security consequences that Masque Attack can have on infected iOS devices. While these details are too technical in nature, it does paint a picture of the seriousness of this issue and how sy it is for Masque Attack to stl personal information, including financial details from any infected iOS device.

No comments:

Post a Comment