Leave a comment

Massive new iPad and iPhone security flaw lets hackers take over

Massive new iPad and iPhone security flaw lets hackers take over
Photo courtesy of Shutterstock

Hackers have long tried to target iPhones and iPads, but Apple's intensive security measures usually kept your gadget fairly safe from most common attacks. That might be changing because there's a new a massive vulnerability discovered that could unlock 95% of iPhones and iPads, making them a hacker's playground.

The researchers call this vulnerability a "Masque Attack." It's a bit of a cheesy name, I know, but bear with me. Here's how it works:

Once an app is installed on your iOS gadget, your phone treats any app with the same name and digital signature as if it were the same app. Normally, your phone would confirm that something called a "certificate" proved that an update to an app was created by the same developer as the app that it's replacing.

The security researchers call attacks exploiting this vulnerability a Masque Attack because all iOS gadgets are vulnerable to malware-infected apps "masking" themselves as something that they're not.

WireLurker — if you remember last week's news — is malware that takes advantage of this flaw.

You're most vulnerable to Masque Attacks on Wi-Fi and through USB cables. That's because hackers can use either method to remotely connect to your advice and install malware straight to your phone.

The other delivery vector for Masque Attacks could be what's referred to as "spear-phishing." That's when hackers try to trick their victims into installing malware directly onto their phones. Watch out for emails telling you to update an app that include a download link.

While any apps that you update through Apple's App Store should be safe, third-party apps are the ones to watch. You may remember the Android malware that successfully forced its victims to send a scam message to 10 of their friends. This vulnerability would then give hackers even more access.

Luckily, your iOS device will warn you about installing apps from third-party developers who aren't confirmed by Apple as trustworthy. Still, hackers will probably try to scare their victims into thinking that their phone needs an update now.

I know I'm biased, but that's why it's so important that you stick with me. I'm happy to be the one to warn you about the latest flaws, hacks and risks. Don't let the hackers trick you into installing or downloading something you'll regret.

Next Story
Source: NBC News
View Comments ()
Take a look at the Kilauea Volcano's progress
Previous Happening Now

Take a look at the Kilauea Volcano's progress

Veterans Day tribute: 'Sinking the Rising Sun'
Next Happening Now

Veterans Day tribute: 'Sinking the Rising Sun'