It hasn't been a good year so far for Apple when it comes to security. We recently busted the myth that Macs can't get viruses, and revealed how Apple's overall security strategy has a major flaw. Now, hackers have found a way to slip malicious apps onto stock iPhones and iPads.
Generally, to install a malicious app requires a jailbroken gadget, which means the user turned off Apple's built-in security. However, hackers have found a way around that using a flaw in Apple's app installation system.
The attack relies on two Apple features. The first is the ability to purchase iOS apps using iTunes on a computer and then sending them to an iPhone or an iPad. The second piece of the puzzle is something called FairPlay.
FairPlay is part of Apple's digital rights management system. When you install an app on iOS, FairPlay checks with the App Store to make sure you actually purchased, or chose to download, the app. If you did, the App Store sends back an authorization code.
However, using a "man in the middle" attack, hackers can steal the authorization code for that app. After that, they can use it to trick an iOS gadget into installing the app even if it didn't come from the App Store. Software pirates have been using this technique for years to install legitimate apps without paying for them, but now hackers are using it to deliver malware.