Alert: "Masque Attacks" Target Apple Mobile Operating Systems
According to www.cutimes.com, California based security firm FireEye has reported that hackers are exploiting vulnerabilities in Apple's mobile operating system to launch “Masque Attacks” – malware disguised as popular apps such as Facebook, Twitter and Google Chrome.
As a member of Shore to Shore, we want to make sure you stay protected and avoid falling victim to malware attacks such as these “Masque Attacks.” If you are using Apple mobile operating systems, please make sure you are downloading apps and their updates via the app store.
The cybersecurity firm said it has discovered 11 iOS threats. The malicious apps look like their legitimate counterparts on a user's device, but are designed to steal sensitive information and send it to a remote server.
FireEye previously described the threats posed by Masque Attacks in a series of blogs. The malicious apps are installed when a user clicks on a link in an email, text message or fake advertisement.
“Up until now, these attacks had never been seen carried out in the wild, highlighting that advanced threats were not utilizing mobile to carry out their attacks despite rapid user adoption,” the report explained.
However, FireEye said the recent discoveries mark the first instance of targeted iOS malware used on iOS devices that have not been jailbroken. Jailbreaking a device removes all of its built-in iOS security mechanisms.
These reverse-engineered, weaponized versions of popular social networking and messaging apps are unlike the real versions in that they come with an extra binary designed to exfiltrate sensitive data and communicate with a remote server.
Because their bundle identifiers match those of the genuine apps in the App Store, they can directly replace the genuine apps on iOS devices operating on software released prior to 8.1.3. Their bundle identifiers are in fact configurable by remote attackers.
"Although Apple has fixed or partially fixed the original Masque Attack on iOS 8.1.3, there are still other attack surfaces to exploit vulnerabilities in the installation process on iOS," FireEye's Zhaofeng Chen, Tao Wei, Hui Xue and Yulong Zhang said in a blog post.
If you feel your phone or accounts have been compromised, please contact us, your phone provider and any other personal account providers who you access via your mobile devices to ensure your accounts are protected and have not been attacked via the fraudulent apps.
« Return to "Member Alerts"