We all are a bit too comfortable and automatically click the “accept” button to the “terms and conditions” without reading any of the terms; not even a sentence. Better think twice, there’s been an iOS security breach!
Furthermore, when we hear of a new app, we don’t think twice about what the app has to offer, we simply download and if it doesn’t meet our standards, we uninstall. It’s that easy. So why take the time to read the fine print when we can conveniently flip the oops switch? Well because these type of things make it that much easier for hackers to gain access to your personal information.
There’s a new way for hackers to break into smart phones using test messages, emails and Web pages to sucker folks into downloading fake apps to gain access to personal data. According to Fireye’s blog:
“…an iOS app installed using enterprise/ad-hoc provisioning could replace another genuine app installed through the App Store…”.
These type of hacker apps, called ‘Masque Attacks’, may look like personal bank apps and/or credit cards apps so that the hacker can “steal banking credentials by replacing an authentic banking app with any malware that has identical [user interface] UI.” Fireye says they found these vulnerabilities on iOS 7.1 and higher, both jailbroken or not.
Currently the security threat is for iOS devices, but that doesn’t mean all other non-iOS users shouldn’t take certain precautions. Don’t install apps from third party sources. Don’t click “install” on a pop-up from a third party web page. Finally, when opening an app, if any alerts of untrusted apps, immediately uninstall.
Especially with the recent Apple Pay rollout and the existing Google Wallet, security should be of the upmost importance.