Another shocking vulnerability in iOS: iPhone, iPad, etc. are dead

Another shocking vulnerability in iOS: iPhone, iPad, etc. are dead

Cybersecurity researchers have warned that Apple's iOS operating system puts most iPhones and iPads at risk of being attacked by hackers who seek to break into iOS devices to gain access to sensitive information and take control of them.

Cybersecurity firm FireEye published details of the iOS vulnerability on its blog on Monday, saying hackers could hack into iOS devices by tricking users into installing malicious apps that contain infected text messages, emails and web links.

Hackers can then use malicious apps to replace authentic apps installed through Apple's App Store (such as email and banking-related programs) and implant malware through a technique FireEye calls "Masque Attack."

FireEye said the attack could be used to steal passwords for bank accounts or email accounts or other sensitive data.

“It’s a very powerful vulnerability and it’s very easy to exploit,” Wei Tao, a senior research scientist at FireEye, a company that has a reputation for its research in the cybersecurity industry, said in an interview.

Apple officials did not immediately respond to requests for comment.

Wei Tao said that FireEye had disclosed the existence of the vulnerability to Apple in July, and that Apple representatives had said it was working on fixing the vulnerability.

Wei Tao also said that last month, news about the vulnerability began to leak on some specialized online forums, which are used by network security experts and hackers to discuss information related to Apple's vulnerability.

Wei Tao said FireEye decided to release the research results to the public because Palo Alto Networks discovered the first attack using the vulnerability last week. The hackers used a new malware called "WireLurker" in the attack, which can infect both Macs and iOS devices.

Wei Tao said FireEye is not aware of any other hacker attacks that have also exploited this vulnerability. He said: "WireLurker is the only malware discovered so far, but there will be more in the future."

FireEye recommends that iOS users only download and install apps through Apple's official App Store and not click on the "Install" button that pops up from third-party web pages.

FireEye said it found the vulnerability in iOS 7.1.1, 7.1.2, 8.0, 8.1 and 8.1 beta, both jailbroken and non-jailbroken versions.

As a winner of Toutiao's Qingyun Plan and Baijiahao's Bai+ Plan, the 2019 Baidu Digital Author of the Year, the Baijiahao's Most Popular Author in the Technology Field, the 2019 Sogou Technology and Culture Author, and the 2021 Baijiahao Quarterly Influential Creator, he has won many awards, including the 2013 Sohu Best Industry Media Person, the 2015 China New Media Entrepreneurship Competition Beijing Third Place, the 2015 Guangmang Experience Award, the 2015 China New Media Entrepreneurship Competition Finals Third Place, and the 2018 Baidu Dynamic Annual Powerful Celebrity.

<<:  Man sues bank after girlfriend secretly shops online

>>:  Magneti Marelli to be at CES 2024: Discover a journey of design-led innovation

Recommend

Ecological farm, the “green card” of agricultural development

Ecological farms are agricultural production and ...

Tik Tok influencer promotion, the formula for creating Tik Tok influencer!

Luo Zhenyu pointed out three years ago that futur...

Solid info! A brief discussion on 4 ideas for community user growth

Well, let’s start from the small circle again. Re...

No flowers to enjoy in May? Learn more about peonies

As the saying goes, "See peonies in the thre...

Smart Internet dominates cars? Anyway, I don’t believe it

Ever since display screens appeared on car center ...

How much does it cost to develop a Yichun marriage and love mini program?

Yichun marriage and love applet development price...

This plant has salt in it! But this salt is not the same as other salt!

Produced by: Science Popularization China Author:...