Skip to main content

U.S. Department of Homeland Security warns iOS users about ‘Masque Attack’ security flaw

The U.S. Department of Homeland Security on Thursday issued an alert warning iOS users about the recent “Masque Attack” security flaw that can affect both non-jailbroken and jailbroken iPhone, iPad and iPod touch devices. The United States Computer Emergency Readiness Team outlines how the technique works and offers solutions on how iOS users can protect themselves.

Mobile security research team FireEye claimed last week that Masque Attacks allow for an attacker to replace a legitimate app with a malicious version under a limited set of circumstances. To fall victim to the attack, an iPhone, iPad or iPod touch user must be lured into installing an app outside of the App Store through enterprise provisioning systems or through a phishing link.

FireEye explained the technical intricacies of the security flaw in more detail last week:

“Masque Attacks can replace authentic apps, such as banking and email apps, using attacker’s malware through the Internet,” claims FireEye. “That means the attacker can steal user’s banking credentials by replacing an authentic banking app with an malware that has identical UI. Surprisingly, the malware can even access the original app’s local data, which wasn’t removed when the original app was replaced. These data may contain cached emails, or even login-tokens which the malware can use to log into the user’s account directly.”

The government organization says that iOS users can protect themselves by avoiding installing apps that are outside of the App Store or organizations that you belong to, not tapping on “Install” from a third-party prompt when viewing a webpage, and tapping on “Don’t Trust” and uninstalling any apps that display an “Untrusted App Developer” alert when opened.

Masque Attacks can affect users running iOS 7.1.1 through iOS 8.1.1 beta.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

  1. Edison Wrzosek - 9 years ago

    ROTFL!!! How to avoid this attack? Just don’t be a stupid dipshit that clicks on every single freaking thing you get from every unsolicited message! Problem solved!

    While Apple definitely needs to fix the flaw allowing this, NO ONE can fix the stupidity of the average Joe that actually enables this…

  2. inquiblog - 9 years ago

    Also iOS users can protect themselves by… Updating to iOS 8.2!

  3. Lee (@leemahi) - 9 years ago

    I find it awful that The Verge hasn’t reported on this yet. They really can’t say too many bad thing’s about Apple. And 24 hours later, they move the nexus 6 review off the front page and off the video player. I used to love the verge. Now I despise them.