A hotbed for information plagiarists, iOS reveals the Masque Attack vulnerability

A hotbed for information plagiarists, iOS reveals the Masque Attack vulnerability

Recently, the cybersecurity company FireEye announced an iOS system vulnerability called "Masque Attack". Attackers can trick iPhone and iPad users into installing malicious applications through text messages, emails and web links, and then use this vulnerability to implant malicious applications into user devices, replacing existing applications to obtain users' bank accounts, email accounts and other sensitive data. In addition, they can even use this vulnerability to gain control of these devices.

In addition to text messages, emails, and web links, third-party markets have also become one of the important places for hackers to exploit this vulnerability. Because these third-party markets do not have as strict review standards as the Apple Store, attackers are more likely to use this to spread these malicious applications.

FireEye pointed out that the reason for Masque Attack is that the iOS system does not enforce the verification of certificates of applications with the same "binding identifier". In other words, as long as one application has the same binding identifier as other applications, it can cover another application. This is why attackers need to implant malicious applications in the attacked device.

FireEye also stated that they had submitted the vulnerability to Apple on July 26, and chose to disclose it now mainly because they found that the malicious application WireLurker that had spread on Mac and iOS platforms was related to this vulnerability.

Coincidentally, security researcher Jonathan Zdziarski also said in his blog that the pairing mechanism of iOS is the culprit for the proliferation of malicious applications because it allows more complex variants to easily spread on Apple devices. From his explanation, WireLurker's attack method is the same as that of Masque Attack.

Apple has stopped the spread of WireLurker in time, but according to data from security company Palo Alto Networks, 467 infected apps had been downloaded 356,104 times in the past six months before Apple stopped it, affecting tens of thousands of users. Since there is no news that Apple has fixed this vulnerability, there may be more similar attacks in the future.

However, although the impact of the Masque Attack vulnerability is very large, it is not unavoidable. Because it mainly relies on malicious applications to obtain user information, iOS users only need to avoid installing applications from non-Apple official app stores and do not install applications on pop-up third-party web pages.

<<:  Mozilla CTO publicly blames Android and iOS

>>:  Dialogue with IBM's Wang Yang: The third computing revolution behind IBM

Recommend

Aiti Tribe Stories (7): Meet 51CTO and aim high

[51CTO.com original article] The protagonist of t...

Accenture: Net Zero Goal

According to new research from Accenture, only 18...

A complete list of Android app markets and app package names!

During the development process, you may encounter...

Kuaishou APP operation and promotion skills!

Almost two months ago, the editor launched a poll...

Promotion strategy of Sina Weibo Fanstong

Someone told me that Sina Weibo’s scale is not up...

How much do you know about performance optimization?

[[196882]] 1. Introduction Recently, a new versio...

official! Tik Tok advertising promotion quotation list~

Tik Tok has seized the domestic video market and ...

Growth Tips: Increase Transaction Rate by Over 900%

Let’s get into today’s topic, a sigh from the bot...

Playing with Xcode: Modifying the comment template generated by the system

When using Xcode to create a project or a new cla...

How to use titles reasonably to get more clicks?

For experienced netizens, they can almost see thr...

QR code promotion, 6 invalid forms to avoid

When doing new media promotion , many operators d...