<div>There is a newly discovered threat to Apple users. Called a “Masque Attack,” it allows hackers to install iOS apps on a person’s devices via email or text message. Affecting iOS 7 and iOS 8 devices, the attack takes advantage of a vulnerability that allows an iOS app with the same bundle identifier – regardless of developer – to replace the legitimate app while keeping all of the user’s data intact. Masque Attacks can replace authentic apps, such as banking and email apps, with the attacker's malware over the Internet. That means the attacker can steal a user's banking credentials by replacing an authentic banking app with malware that has an identical UI. Surprisingly, the malware can even access the original app's local data, which isn't removed when the original app is replaced. This data may contain cached emails, or even login tokens that the malware can use to log into the user's account directly.<br /><br />This vulnerability exists because iOS doesn't enforce matching certificates for apps with the same bundle identifier. <br /><br />The cybersecurity company FireEye, which first disclosed the Masque Attack vulnerability on Monday (10 November), says Apple is working on a fix. <br /><br />Until now, Apple products were rarely attacked in this way because apps were normally downloaded only from Apple's App Store. Now, Apple users may be increasingly vulnerable when they acquire apps from other sources. <br /><br />The attack also allows hackers to avoid detection by mobile device management software, taking advantage of Apple’s private APIs that are usually reserved for the stock iOS apps and gaining deeper access to the iOS system to avoid being removed.<br /><br />Bryce Boland – CTO, APJ for FireEye, says "this is a proof of concept that is meant to demonstrate the vulnerabilities in the iOS platform, and as more companies start using iOS devices they may be disabling certain security features to get their custom apps onto devices. 
We haven't seen this in the wild but it does represent a potential threat as Apple devices proliferate in the enterprise and employees use personal devices for work". <br /> </div><div><strong>How To Stay Safe From Masque Attacks<br /></strong><strong><br /></strong></div><ul><li>Don’t install apps from third-party sources other than Apple’s official App Store or the user’s own organisation</li><li>Don’t click “Install” on a pop-up from a third-party web page, no matter what the pop-up says about the app. The pop-up can show attractive app titles crafted by the attacker</li><li>When opening an app, if iOS shows an alert with “Untrusted App Developer”, click on “Don’t Trust” and uninstall the app immediately<br /> </li></ul>
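<div>The article attributes the vulnerability to iOS not enforcing matching certificates for apps with the same bundle identifier. The sketch below is an added example, not code from Apple or FireEye: it models that missing check and an inventory comparison that flags an app whose signer changed under an unchanged bundle identifier. The <code>App</code> type, function names, bundle identifiers and signer fingerprints are all constructed for illustration.</div>

```python
from __future__ import annotations
from dataclasses import dataclass


@dataclass(frozen=True)
class App:
    bundle_id: str  # constructed, e.g. "com.example.bank"
    signer: str     # constructed fingerprint of the signing certificate


def install_decision(installed: dict[str, App], candidate: App) -> str:
    """Model the check the article says is missing.

    installed maps bundle_id -> App currently on the device.
    """
    current = installed.get(candidate.bundle_id)
    if current is None:
        return "install"   # new bundle identifier: no existing data to inherit
    if current.signer == candidate.signer:
        return "upgrade"   # same signer: replacing the app and keeping data is expected
    return "reject"        # same bundle identifier, different signer


def signer_changes(baseline: list[App], current: list[App]) -> list[str]:
    """Bundle identifiers present in both inventories whose signer differs."""
    before = {a.bundle_id: a.signer for a in baseline}
    return sorted(
        a.bundle_id
        for a in current
        if a.bundle_id in before and before[a.bundle_id] != a.signer
    )


# Constructed sample inventories: the bank app keeps its bundle identifier
# but shows a different signer in the later snapshot.
BASELINE = [App("com.example.bank", "AA11"), App("com.example.mail", "BB22")]
AFTER = [
    App("com.example.bank", "EE99"),
    App("com.example.mail", "BB22"),
    App("com.example.game", "CC33"),
]

if __name__ == "__main__":
    device = {a.bundle_id: a for a in BASELINE}
    for app in AFTER:
        print(app.bundle_id, install_decision(device, app))
    print("signer changed:", signer_changes(BASELINE, AFTER))
```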