· We encourage all iOS users to always update their devices to the latest version of iOS and pay close attention to the avenues that they download their apps. References [1] VB paper: Apple without a shell – iOS under targeted attack [2] iOS Masque Attack Revived: Bypassing Prompt for Trust and App URL Scheme HijackingEstimated Reading Time: 5 mins. · First reported in , Masque Attack allowed hackers to replace a genuine app from the App Store with a malformed, enterprise-signed app that had the same Bundle Identifier (Bundle ID). Apple subsequently patched the vulnerabilities (CVE and CVE), but while it closed a door, scammers seemed to have opened a bltadwin.ru’s repackaged, adware-laden apps and its . · Apple has downplayed the Masque iOS security threat, saying no one has actually been affected by the security vulnerability. The Masque Attack opened by the security shortcoming creates a way for attackers to replace genuine iOS apps with malicious doppelgängers, as previously bltadwin.ruty firm FireEye warned about the iOS app overwrite attack on Monday before US Author: John Leyden.
Researchers at FireEye revealed more information about how attackers can compromise iOS devices.. Last year, FireEye reported a flaw in iOS that can be exploited in what the firm dubbed the 'Masque Attack'. In the attack, researchers showed it was possible for hackers to replace legitimate iOS apps with malicious ones via SMS, email or web browsing. FireEye Mobile Security researchers demonstrate the ability for hackers to easily replace legitimate apps and steal user data on non-Jailbroken iOS devices. We encourage all iOS users to always update their devices to the latest version of iOS and pay close attention to the avenues that they download their apps. References [1] VB paper: Apple without a shell - iOS under targeted attack [2] iOS Masque Attack Revived: Bypassing Prompt for Trust and App URL Scheme Hijacking.
Masque Attack and its derivatives have been partially patched in iOS , but in the meantime, users are advised to refrain from downloading any apps from sources other than the official App Store. First reported in , Masque Attack allowed hackers to replace a genuine app from the App Store with a malformed, enterprise-signed app that had the same Bundle Identifier (Bundle ID). Apple subsequently patched the vulnerabilities (CVE and CVE), but while it closed a door, scammers seemed to have opened a window. The security flaw that would allow a Masque Attack to work is a bit of iOS programming that enforces matching certification on apps with the same bundle identifier. This feature, which is handy for updating an app with a newer version, could replace a legitimate application with the false Masque Attack version, provided both have identical.
0コメント