A hotbed for information plagiarists, iOS reveals the Masque Attack vulnerability

A hotbed for information plagiarists, iOS reveals the Masque Attack vulnerability

Recently, the cybersecurity company FireEye announced an iOS system vulnerability called "Masque Attack". Attackers can trick iPhone and iPad users into installing malicious applications through text messages, emails and web links, and then use this vulnerability to implant malicious applications into user devices, replacing existing applications to obtain users' bank accounts, email accounts and other sensitive data. In addition, they can even use this vulnerability to gain control of these devices.

In addition to text messages, emails, and web links, third-party markets have also become one of the important places for hackers to exploit this vulnerability. Because these third-party markets do not have as strict review standards as the Apple Store, attackers are more likely to use this to spread these malicious applications.

FireEye pointed out that the reason for Masque Attack is that the iOS system does not enforce the verification of certificates of applications with the same "binding identifier". In other words, as long as one application has the same binding identifier as other applications, it can cover another application. This is why attackers need to implant malicious applications in the attacked device.

FireEye also stated that they had submitted the vulnerability to Apple on July 26, and chose to disclose it now mainly because they found that the malicious application WireLurker that had spread on Mac and iOS platforms was related to this vulnerability.

Coincidentally, security researcher Jonathan Zdziarski also said in his blog that the pairing mechanism of iOS is the culprit for the proliferation of malicious applications because it allows more complex variants to easily spread on Apple devices. From his explanation, WireLurker's attack method is the same as that of Masque Attack.

Apple has stopped the spread of WireLurker in time, but according to data from security company Palo Alto Networks, 467 infected apps had been downloaded 356,104 times in the past six months before Apple stopped it, affecting tens of thousands of users. Since there is no news that Apple has fixed this vulnerability, there may be more similar attacks in the future.

However, although the impact of the Masque Attack vulnerability is very large, it is not unavoidable. Because it mainly relies on malicious applications to obtain user information, iOS users only need to avoid installing applications from non-Apple official app stores and do not install applications on pop-up third-party web pages.

<<:  Mozilla CTO publicly blames Android and iOS

>>:  Dialogue with IBM's Wang Yang: The third computing revolution behind IBM

Recommend

5 basic understandings of brand marketing

When it comes to brands, there are a thousand def...

SEO optimization, some relatively practical methods of online promotion?

If you are a small company and want to reduce the...

Why are all the mountains in the world no higher than 10,000 meters?

There are countless mountains of all sizes on the...

How to plan a fission event promotion?

Hello everyone, I believe that every operator who...

Latest discovery: When you fall asleep, cancer wakes up...

Breast cancer is one of the most common cancers, ...

Why can scalpers always get tickets but I can’t?

Audit expert: Zheng Yuanpan, professor at Zhengzh...

Hisense Art TV 75R8K review: A disruptor of mural TVs

As an important device for home entertainment, TV...