Hackers Can Trick iOS Users Into Installing Malicious Apps: Researcher

Advertisement
By Agence France-Presse | Updated: 11 November 2014 09:29 IST
Cyber-security firm FireEye warned Monday that hackers could trick owners of Apple gadgets into installing applications that steal information.

US-based FireEye maintained that "masque attacks" made possible by a vulnerability in software running iPhones, iPads and iPod touch devices posed "much bigger threats" than a recently disclosed WireLurker flaw patched by Apple.

"Masque attacks can replace authentic apps, such as banking and email apps, using attacker's malware through the Internet," FireEye said in a blog post.

Advertisement

"That means the attacker can steal user's banking credentials by replacing an authentic banking app with an malware that has identical UI (user interface)."

Cyber crooks could prompt Apple gadget owners to install what deceptively claims to be an update to an existing application, such as a popular mobile game.

Instead of an update, users would get an application that mimics and replaces a legitimate program, sending information entered by users to hackers, according to FireEye.

FireEye said it alerted Apple to the vulnerability months ago and that the California-based company is working to fix it.

Advertisement

FireEye said that people can guard against trouble by only installing applications or updates through Apple's official online App Store.

The researchers advised people to never resort to using "install" prompts that pop up on third-party Web pages.

Advertisement

If opening an application on an Apple device triggers a message warning it was created by an "Untrusted App Developer," immediately remove the mini-program, FireEye advised.

Last week, researchers at cyber-security firm Palo Alto Networks revealed a newly discovered family of malware that has the capacity to infect iPhones via Apple computers, posing a security threat to devices that have been largely resistant to cybercriminals.

Advertisement

The malware, dubbed WireLurker, "is capable of stealing a variety of information from the mobile devices it infects and regularly requests updates from the attackers command and control server," according to a report by the security firm, which added that "its creator's ultimate goal is not yet clear."

Apple, in a statement to AFP, said it had acted to block the malware.

As Apple computers and mobile devices have grown in popularity, they have become coveted targets for hackers eager to get to the ranks of users.

According to the researchers, WireLurker malware first infects a Mac computer, which uses the OS X operating system, and then installs itself on iOS devices iPads or iPhones when they are connected to the computers via USB ports.

The malware was traced back to a third-party Chinese app store.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Amazon Prime Day 2026: Best Deals on Soundbars From JBL, and More
  2. Best Mobiles Under Rs. 30,000 in India
  1. Boat Stone 900 Launched in India With Up to 80W Sound Output, Up to 15 Hours Audio Playback: Price, Features
  2. Cyberpunk 2077 Has Sold 40 Million Copies, CD Projekt Red Confirms
  3. Nothing Phone 1 Receives Final Software Update With Latest Security Patches, Bug Fixes and Improvements
  4. Nokia 235 4G (2026), 215 4G (2026) Launched Alongside Nokia 210 4G, and 200 4G With AI Assistant Button
  5. Samsung Galaxy S27 Ultra Battery Details Leaked; Could Top iPhone 18 Pro Max's Battery Capacity
  6. OnePlus Ace 7 Series Tipped to Feature 185Hz Display, 9,000mAh Battery
  7. WhatsApp Rolls Out Primary Device Support on iPad, Tests New Setup Screen for Android Tablets: Report
  8. Government Directs App Stores to Remove Malicious Apps Used to Disrupt E-Rickshaw Operations: Report
  9. Sony Reportedly Restructures Disc Factory After Announcing End of Physical Game Discs on PlayStation
  10. Maharashtra Legislature Passes Amendment to Bring Virtual Digital Assets Under Depositor Protection Law
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.