Cybersecurity firm FireEye Inc published details about the vulnerability on its blog on Monday, saying the bug enables hackers to access devices by persuading users to install malicious applications with tainted text messages, emails and Web links.
The malicious application can then be used to replace genuine, trusted apps that were installed through Apple's App Store, including email and banking programs, with malicious software through a technique that FireEye has dubbed "Masque Attack."
These attacks can be used to steal banking and email login credentials or other sensitive data, according to FireEye, which is well-regarded in cybersecurity circles for its research.
"It is a very powerful vulnerability and it is easy to exploit," FireEye Senior Staff Research Scientist Tao Wei said in an interview.
Apple's iOS has robust security features that make it extremely difficult for attackers to install malware on devices using traditional techniques for infecting Windows machines and Android mobile devices with malicious emails and Web links. The "Masque Attack" makes that possible by exploiting a system that Apple developed to allow large organisations to deploy custom-built software without going through Apple's App Store, according to David Richardson, iOS product manager at mobile security firm Lookout.
- See more at: http://digital.asiaone.com/digital/news/apple-ios-bug-makes-devices-vulnerable-attack-expertsşthash.rjz1WBjr.dpufCybersecurity firm FireEye Inc published details about the vulnerability on its blog on Monday, saying the bug enables hackers to access devices by persuading users to install malicious applications with tainted text messages, emails and Web links.
The malicious application can then be used to replace genuine, trusted apps that were installed through Apple's App Store, including email and banking programs, with malicious software through a technique that FireEye has dubbed "Masque Attack."
These attacks can be used to steal banking and email login credentials or other sensitive data, according to FireEye, which is well-regarded in cybersecurity circles for its research.
"It is a very powerful vulnerability and it is easy to exploit," FireEye Senior Staff Research Scientist Tao Wei said in an interview.
Apple's iOS has robust security features that make it extremely difficult for attackers to install malware on devices using traditional techniques for infecting Windows machines and Android mobile devices with malicious emails and Web links. The "Masque Attack" makes that possible by exploiting a system that Apple developed to allow large organisations to deploy custom-built software without going through Apple's App Store, according to David Richardson, iOS product manager at mobile security firm Lookout.
Bütün xəbərlər Facebook səhifəmizdə
USD
EUR
GBP
RUB