A vulnerability has surfaced in the App Store that could lead to a large-scale leak of user privacy. Generally speaking, every app undergoes strict review by Apple before it is listed, but Apple's review is not omnipotent. Today a vulnerability targeting the privacy of Apple device users was exposed, and thousands of apps have been affected.
FireEye said that 1,220 apps in the Apple iOS App Store may be affected. FireEye did not disclose the names of these apps, but it has notified their developers. FireEye warned that although JSPatch technology is very useful for iOS development, it can pose great risks to users if it is exploited by attackers. The security weakness in the open source software JSPatch reportedly allows an attacker to access photos, the microphone, clipboard data and other functions involving personal privacy on a user's device.

JSPatch Framework

The open source tool JSPatch originally came from China. Since its release in 2015 it has been very popular in the Chinese market; many popular and high-profile Chinese iOS applications use it, but FireEye found that developers outside China have also adopted the framework. FireEye pointed out that the JSPatch framework can effectively enable attackers to circumvent the review process of Apple's App Store and to execute code of their choosing on the victim's device, while the framework code itself is difficult for any anti-virus tool to detect.

"JSPatch is a boon to iOS developers. When used correctly, it can be used to quickly and efficiently deploy patches and update code," FireEye said in a blog post. "But the real world is not as perfect as we imagine, and we must assume that this technology can be used by bad guys for unexpected purposes. Specifically, if an attacker is able to tamper with the contents of a JavaScript file, then he or she can successfully launch an attack on an app in the Apple App Store."

FireEye said JSPatch is one of the few low-cost hot-patching solutions available to iOS developers. Several other similar products pose similar potential attack threats.
How to avoid the vulnerability

"A sophisticated attacker could use this framework to write a legitimate, non-malicious app and submit it to the Apple App Store for review," said Josh Goldfarb, head of emerging technologies at FireEye. "Once it passes review and is officially in the Apple App Store, it could send malicious commands to the device."

As for how to avoid the risk of JSPatch vulnerabilities, Goldfarb said: "My advice is pretty standard: only use apps that you need, that you know, and that you trust. Be wary of apps that ask you for access. Remember, only give access to apps that you think need it."

In fact, this is not the first time iOS users have faced a large-scale application vulnerability threat. In October 2015, security research company SourceDNA discovered that hundreds of iOS apps were collecting users' private information in violation of Apple's security and privacy guidelines. That came only one month after the malicious code XcodeGhost attacked the Apple App Store.

Explaining the mobile threat, Goldfarb said: "Mobile devices are a popular target for attackers because they lack security protections compared to laptops and desktops. In the future, we will see more and more malicious attacks targeting mobile environments. Attackers will shift their attention to where the money is, so we will see more attacks on mobile devices."

Vulnerable apps in Apple's App Store are not uncommon. In 2015 a large number of apps were implanted with Trojans: many domestic app developers used Xcode development tools that had been infected, and several well-known apps, including NetEase Cloud Music, were affected.