A new vulnerability has been discovered in iOS that makes it susceptible to malicious keylogging or touchlogging.
FireEye reports that they've found approaches to bypass Apple's app review process effectively and exploit non-jailbroken devices. It appears that they were able to get their test app onto the App Store and now, according to the company, "We have been collaborating with Apple on this issue."
We have created a proof-of-concept "monitoring" app on non-jailbroken iOS 7.0.x devices. This “monitoring” app can record all the user touch/press events in the background, including, touches on the screen, home button press, volume button press and TouchID press, and then this app can send all user events to any remote server, as shown in Fig.1. Potential attackers can use such information to reconstruct every character the victim inputs.
The vulnerability is present in iOS 7.0.4, 7.0.5, 7.0.6, and 6.1.x. An attacker would need to misled customers into installing their app or they could exploit a remote vulnerability of another app and then conduct the background monitoring of their users.
Apple has yet to comment on the matter. Please follow iClarified on Twitter, Facebook, or RSS for updates.
Read More [via ArsTechnica]
FireEye reports that they've found approaches to bypass Apple's app review process effectively and exploit non-jailbroken devices. It appears that they were able to get their test app onto the App Store and now, according to the company, "We have been collaborating with Apple on this issue."
We have created a proof-of-concept "monitoring" app on non-jailbroken iOS 7.0.x devices. This “monitoring” app can record all the user touch/press events in the background, including, touches on the screen, home button press, volume button press and TouchID press, and then this app can send all user events to any remote server, as shown in Fig.1. Potential attackers can use such information to reconstruct every character the victim inputs.
The vulnerability is present in iOS 7.0.4, 7.0.5, 7.0.6, and 6.1.x. An attacker would need to misled customers into installing their app or they could exploit a remote vulnerability of another app and then conduct the background monitoring of their users.
Apple has yet to comment on the matter. Please follow iClarified on Twitter, Facebook, or RSS for updates.
Read More [via ArsTechnica]