A Potential iPhone Security Vulnerability Reported

Written by Felipe on October 19th, 2014

I receive compensation as a result of endorsements, ads, or affiliate links on this website: Compensaton Disclosure

Millions of people are in love with their iPhones because for the most part they have remained relatively immune to security vulnerabilities over the years. This is still generally true but if you use an iPhone or iPad, you’ll want to pay close attention to this article because there’s a new vulnerability that has been reported that you should probably know about.

Let me just start off by trying to put your mind at ease by saying that if you only download your applications from the official Apple App Store, this reported vulnerability shouldn’t pose a worry for you. Those who should be worried are the users who download applications from the Internet and other sources besides the official Apple website.

Recently, a cybersecurity company by the name of FireEye has dubbed this iPhone security vulnerability the “Masque Attack”. Let me take just a minute and explain why they’ve given it that name. The way this vulnerability is reported to work is that an iPhone user clicks on a link to update an application via the Internet instead of the official App Store. What actually happens when they click on this link is they will be asked whether they want to confirm the installation of the application on their phone. If they select yes, a fake iPhone app that looks just like the official application is installed over the top of the original application.

Now let’s talk about why this could pose a problem for unsuspecting victims of this potential exploitation. If you’re using an application that contains your sensitive personal information, and a fake iPhone application has been installed over the real app, it could potentially allow a hacker to gain access to your sensitive personal information.

As I mentioned before, it’s relatively simple to prevent yourself from becoming a victim of this exploit. Just remember these three simple rules.

  1. Never click on pop-ups that ask you to update an application when you are viewing a website with your iPhone or iPad.
  2. Only install applications from the official Apple App Store.
  3. If you open an app and you get a warning on your device that says, “Untrusted App Developer”, quickly tap the “Don’t Trust” option and uninstall the application right away.

Apple takes security very seriously so while this potential security vulnerability may exist now, I expect that they will find a way to provide a patch to iOS to prevent this type of thing in the near future. In the meantime, it doesn’t hurt to take a few extra precautions and be extra careful about where you get your applications from and what you click on when you are visiting websites using your iPhone or iPad.

It’s worth pointing out that in response to this potential issue being announced, an Apple representative said that as of now, they aren’t aware of any customers who have actually fallen victim to this type of attack.

Wait! Don’t Leave!

Before you leave, might I suggest that your read this article that contains a very handy tip for Apple mobile device users: A Simple Handy Tip For Your iPhone or iPad Home Screen.

Resources:

I receive compensation as a result of endorsements, ads, or affiliate links on this website: Compensaton Disclosure