THE VULNERABLE #APPLE GADGETS

Cybersecurity firm FireEye warned
Monday that hackers could trick
owners of Apple gadgets into
Cybersecurity firm FireEye warned
Monday that hackers could trick
owners of Apple gadgets into
installing applications that steal
information. PHOTO | FILE
ADVERTISEMENT
SAN FRANCISCO,
Cybersecurity firm FireEye warned
Monday that hackers could trick
owners of Apple gadgets into
installing applications that steal
information.
US-based FireEye maintained that
“masque attacks” made possible by a
vulnerability in software running
iPhones, iPads and iPod touch
devices posed “much bigger threats”
than a recently disclosed WireLurker
flaw patched by Apple.
“Masque attacks can replace
authentic apps, such as banking and
email apps, using attacker’s malware
through the Internet,” FireEye said
in a blog post.
“That means the attacker can steal
user’s banking credentials by
replacing an authentic banking app
with an malware that has identical
UI (user interface).”
Cyber crooks could prompt Apple
gadget owners to install what
deceptively claims to be an update
to an existing application, such as a
popular mobile game.
WIRE-LURKER
Instead of an update, users would
get an application that mimics and
replaces a legitimate program,
sending information entered by
users to hackers, according to
FireEye.
FireEye said it alerted Apple to the
vulnerability months ago and that
the California-based company is
working to fix it.
FireEye said that people can guard
against trouble by only installing
applications or updates through
Apple’s official online App Store.
The researchers advised people to
never resort to using “install”
prompts that pop up on third-party
Web pages.
If opening an application on an
Apple device triggers a message
warning it was created by an
“Untrusted App Developer,”
immediately remove the mini-
program, FireEye advised.
Last week, researchers at
cybersecurity firm Palo Alto Networks
revealed a newly discovered family of
malware that has the capacity to
infect iPhones via Apple computers,
posing a security threat to devices
that have been largely resistant to
cyber criminals.
The malware, dubbed WireLurker, “is
capable of stealing a variety of
information from the mobile devices
it infects and regularly requests
updates from the attackers command
and control server,” according to a
report by the security firm, which
added that “its creator’s ultimate
goal is not yet clear.”
MADE IN CHINA
Apple, in a statement to AFP, said it
had acted to block the malware.
As Apple computers and mobile
devices have grown in popularity,
they have become coveted targets for
hackers eager to get to the ranks of
users.
According to the researchers,
WireLurker malware first infects a
Mac computer, which uses the OS X
operating system, and then installs
itself on iOS devices — iPads or
iPhones — when they are connected
to the computers via USB ports.
The malware was traced back to a
third-party Chinese app store.

AUTHOR :

image

Ambuli Victor

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s