What you need to know about iPhone security issue ‘Masque Attack’
If you have an iPhone, you might think you’re impervious to malware and security breaches, but researchers have identified a vulnerability in iOS that can be exploited to gain access to unwitting victims’ cellphones and steal their emails. And it gets worse.
Earlier this year, FireEye discovered a flaw that lets hackers replace legitimate apps with ones containing malicious code, and raised the issue with Apple in late July 2014. Having seen “proofs that this issue [has] started to circulate,” the security company has now released the details of the exploit, which it calls “Masque Attack.”
Here’s how it works: Every app has its own “bundle identifier,” a string of characters that identifies the app to the operating system. Each app also has a security certificate proving that the app is what it says it is. However, on multiple versions of iOS, it’s possible to circumvent these security checks altogether by simply changing the bundle identifier of a malicious app to that of one already installed on the phone.
In this case, the iPhone makes no attempt to check whether the app is what it says it is. It merely sees the “correct” bundle identifier and installs.
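The missing check can be shown with a simplified model. The following is an added example, not FireEye's or Apple's code: the `App` record, both install functions and every bundle identifier and signer value are constructed for illustration. It contrasts an installer that matches on bundle identifier alone with one that also requires the replacement to carry the same signing identity as the installed app.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class App:
    bundle_id: str   # identifier the OS uses to recognise the app
    signer: str      # signing identity from the app's certificate (constructed)
    label: str       # name shown to the user

def install_bundle_id_only(installed, incoming):
    """Flawed behaviour as the article describes it: a matching bundle
    identifier is enough to replace the app, whoever signed it."""
    existing = installed.get(incoming.bundle_id)
    installed[incoming.bundle_id] = incoming
    return "replaced" if existing else "installed"

def install_with_signer_check(installed, incoming):
    """Hardened model: a replacement must carry the same signing identity
    as the app it replaces."""
    existing = installed.get(incoming.bundle_id)
    if existing is not None and existing.signer != incoming.signer:
        return "rejected"
    installed[incoming.bundle_id] = incoming
    return "replaced" if existing else "installed"

def run(policy):
    """Apply three constructed install attempts to a device that already
    has a mail client; return the outcomes and the mail client's signer."""
    device = {
        "com.example.mail": App("com.example.mail", "signer:mail-vendor", "Mail"),
    }
    attempts = [
        # Genuine update: same bundle identifier, same signer.
        App("com.example.mail", "signer:mail-vendor", "Mail"),
        # Masque-style package: presented as a game, but it reuses the
        # mail client's bundle identifier under a different signer.
        App("com.example.mail", "signer:unknown-enterprise", "New game"),
        # Ordinary new app with its own bundle identifier.
        App("com.example.game", "signer:unknown-enterprise", "New game"),
    ]
    outcomes = [policy(device, app) for app in attempts]
    return outcomes, device["com.example.mail"].signer

if __name__ == "__main__":
    for policy in (install_bundle_id_only, install_with_signer_check):
        print(policy.__name__, run(policy))
```

Under the first policy the mail client ends up signed by the unknown identity while keeping its place on the device; under the second the genuine update and the unrelated new app still go through and only the mismatched replacement is refused.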
What does this look like in practice?
The example FireEye gives is an iPhone user receiving a text enticing them to download a new version of hit game Flappy Bird. (If you’re still playing Flappy Bird you’ve probably got it coming, but the attack could come in numerous other forms too.) Clicking the link downloads the malicious file. Once the file is downloaded, it automatically installs, but instead of installing Flappy Bird to the device, it updates the user’s Gmail app to a new, compromised version, automatically cloning all emails sent and received.
Default iOS apps—like the phone or Safari—are protected against Masque Attacks, but any third-party app found in the App Store is susceptible to being compromised.
What distinguishes this vulnerability from other malware apps is that while it’s easy to notice a suspicious new third-party app on your device, Masque Attacks will hide behind apps you’re familiar with and trust, with no indication that they’re there.
FireEye has released the information because they believe it’s “urgent to let the public know,” so mitigating measures can be taken to “help iOS users better protect themselves.”
iPhone users running iOS 7.1.1, 7.1.2, 8.0, 8.1 and 8.1.1 beta are all vulnerable, on both jailbroken and non-jailbroken devices. To avoid being affected, the security company recommends vulnerable users avoid installing any apps from third-party sources other than the official App Store, and not trust apps with an “Untrusted App Developer” label.
iOS 7 users can check if they’re already affected—but worryingly, the functionality has been removed in iOS 8. Here are their instructions:
To check whether there are apps already installed through Masque Attacks, iOS 7 users can check the enterprise provisioning profiles installed on their iOS devices, which indicate the signing identities of possible malware delivered by Masque Attacks, by checking “Settings > General > Profiles” for “PROVISIONING PROFILES.” iOS 7 users can report suspicious provisioning profiles to their security department. Deleting a provisioning profile will prevent enterprise signed apps which rely on that specific profile from running.
It’s alarming that Masque Attacks were apparently first flagged up with Apple in July and yet still remain an issue—but at least we’re now finding out how to mitigate the issue. In short: Stay vigilant, don’t install any third-party apps, and don’t play Flappy Bird. Ever.
Photo via Matthew Pearce / Flickr (CC BY 2.0) | Remix by Rob Price
Rob Price is a technology and politics reporter who served as the U.K.-based morning editor for the Daily Dot until 2014. He now works as the news editor for Business Insider, and his work has appeared in Vice, Slate, the Washington Post, and the Independent.