Ondrej Holzman Inattentive and careless iOS users face additional dangers. Just a week after the discovery WireLurker malware security company FireEye has announced that it has discovered another security hole in iPhones and iPads that can be attacked using a technique called a "Masque Attack". It can emulate or replace existing applications through fake third-party applications and subsequently obtain user data.
Those who download applications to iOS devices exclusively via the App Store should not be afraid of the Masque Attack, because the new malware works in such a way that the user downloads an application outside of the official software store, to which a fraudulent email or message (for example, containing a download link new version of the popular game Flappy Bird, see video below).
Once the user clicks on the fraudulent link, they will be taken to a web page asking them to download an app that looks like Flappy Bird, but is actually a fake version of Gmail that reinstalls the original app legitimately downloaded from the App Store. The application continues to behave in the same way, it just uploads a Trojan horse into itself, which obtains all personal data from it. The attack may not only concern Gmail, but also, for example, banking applications. In addition, this malware can also access the original local data of applications that may have already been deleted, and obtain, for example, at least saved login credentials.
[youtube id=”76ogdpbBlsU” width=”620″ height=”360″]
Fake versions can replace the original app because they have the same unique identification number that Apple gives to apps, and it is very difficult for users to distinguish one from the other. The hidden fake version then records e-mail messages, SMS, phone calls and other data, because iOS does not intervene against applications with identical identification data.
Masque Attack can't replace default iOS apps like Safari or Mail, but it can easily attack most apps downloaded from the App Store and is potentially a bigger threat than the WireLurker discovered last week. Apple reacted quickly to WireLurker and blocked company certificates through which applications were installed, but Masque Attack uses unique identification numbers to infiltrate existing applications.
Security firm FireEye found that the Masque Attack works on iOS 7.1.1, 7.1.2, 8.0, 8.1 and 8.1.1 beta, and Apple is said to have reported the problem in late July this year. However, the users themselves can protect themselves against the potential danger very easily - just do not install any applications outside the App Store and do not open any suspicious links in e-mails and text messages. Apple has not yet commented on the security flaw.
Apple is having a bad year. Flexible phones, the impossibility of calling from the phone, security holes like a pig, semi-functional wifi in Yosemite (that's every build's color). Where are the days when Apple did things right? I know, it was before the death of S. Jobs...
However, the users themselves can protect themselves against the potential danger very easily - just do not install any applications outside the App Store and do not open any suspicious links in e-mails and text messages.
But this still didn't work, because if it worked, malware and viruses simply don't exist today :)
It didn't work for "disobedient people", which the Czech Republic is full of, and that's why the laws and especially the road laws are just a joke for them, and not listening to this recommendation about unofficial software is also a path to destruction. So it would work if not for the corrupt mentality ;)
I would not involve the road laws, unfortunately they are not written to make our roads safer, but to support the municipal police and support income if it goes to the municipal coffers :((((
But that's not the discussion here :)
I am more interested in the mentality of people, especially from the Czech Republic. If instead of 1 pack of cigarettes they bought 90 apps for 4 cents each and didn't download them from unofficial sources and didn't jailbreak their iPhones, they wouldn't have to cry about losing their expensive devices :)
Of course, this whole thread was created in response to the nonsense prophecy: "since Jobs' death, everything is going well, and this year especially"
I just didn't like the comparison. In the last 2 years, thanks to my friends, I got bogged down in this topic and I don't like what's going on there and it's sometimes really disgusting :(
I admit that my response posted on the forum may have come across as angry, but that's me, I get straight to the point without any frills and I don't tend to get excited, I just write my opinion. Unfortunately, sometimes it's even at the price that I think I wrote my opinion understandably, but people don't know what I mean :(
I understood the analogy to mentality before, but I think that this new analogy (about the box, but not 4x applications) is much more accurate.
Add Jobs: I think Apple is currently looking. Although they don't have a leader like S.Jobs, they are not that bad. They have a lot of experienced and intelligent people who will be able to come up with interesting things, but it takes time. Personally, I think that it will be possible to compare Apple today and Apple with S.Jobs up to 10 years after his departure, until then it's just screams, but that's just my opinion...
Totally agree ;)
They had security holes earlier and quite more significant than this... For example, they added the ASLR layer in OSX 10.5, but it was fully functional only in 10.7 (if I'm not mistaken in the versioning), find the statement of security expert Dino Dai Zovi. As for recent bugs, find out about Heartbleed, Shell Shock…
Security bugs, were, are and will be, no matter if you use Linux, Windows, OSX, Chrome... It's only a matter of time before OSX or Linux becomes more widespread and these systems become more attractive to malware creators, you just can't avoid it and if you say that a system is "without errors" (like I once said about Linux), then you are just lying to your pocket...
By the way, if you want to be scared, find information about this year's Black Hat security conference and watch the lectures on USB firmware vulnerabilities, that's a bomb thing too :)
anonymous : That's bullshit again, it reminds me of Sobotka. I recommend switching to another platform and getting rid of iOS and Mac OS when S.Jobs is gone. Then you will be satisfied.
And on the most jailbroken device, do they install applications from somewhere other than the AppStore?
I would also be interested in that. Because I have never seen in my iOS the possibility to install an application other than through the AppStore. When "Install" popped up in that video, I never saw it.
Yes, you just need to have the application signed with an Enterprise certificate, then it can be installed this way.
It doesn't work without a jailbreak. Or send the link and I will try to install the application on my iPhone without jailbreak in this way.
Lukas Palda is right. It is possible, but there are few tech applications or they are so uninteresting that you don't know about them, but it is possible :)
So just download Storu and the problem is over
Hello everyone... according to me and the article, it is enough to follow the basic rules, as when using other devices connected to the net (regardless of whether it is iOS, Android, WIN, etc.) = do not click on attachments from unknown senders, do not play tricks and play an experienced "hacker", don't download suspicious files... I read a similar article on the "gossip" novinky.cz and if someone wants to harm any company, they will find a way...
For those who think that it is enough not to have a Jailbreak and install exclusively from the AppStore:
http://www.fireeye.com/blog/technical/cyber-exploits/2014/11/masque-attack-all-your-ios-apps-belong-to-us.html
From the paragraph: "iOS users can protect themselves from Masque Attacks by following three steps: ...".
Summary: after clicking on a link in an e-mail or sms, a dialog box with the option "Install" (or Trust Developer) may also appear to you. That is actually the essence of this problem.
You may think that you are not clicking on the links, but your friends, family, etc. are. they don't have to have IT knowledge like you, and therefore it is advisable to instruct them not to click on "Install" and so on.
___
I took over from root.cz