Possible iOS Security Flaw Revealed On Apple Devices
By Edward Cardenas
SOUTHFIELD (CBS Detroit) - Security research firm FireEye is reporting that hackers are using Web pages, text messages and emails to trick users of Apple mobile devices downloading fake apps to access their personal information.
CNET reports that there haven't been any attacks in the United States, but the "Masque Attack" exploits a vulnerability in the Apple iOS mobile operating system which could allow actual apps to be replaced with hacker's apps.
The hackers lure Apple users to install the fake apps by sending "fishing" emails or SMS messages to iPhone, iPad or iPod touch users with names including"New Flappy Bird" or "Angry Bird Update," according to 9to5Mac, that install the "malicious" apps.
According to FireEye, this bug affects all Apple mobile devices running iOS 7 or later.
This is the second Apple iOS security issue revealed this month. CNET reported that security firm Palo Alto Networks found a a new attack, called "WireLurker," which allows unapproved apps downloaded from the Internet could infect iPhones when plugged into Mac computers.
"WireLurker" appears to only affecting devices in China, according to reports.
9to5Mac recommends iOS users only install apps from the App Store, and to avoid installing apps from untrusted developers.