US govt issues advice on iOS Masque vulnerability

Cyber-sec departments post alert, protection instructions, following WireLurker discovery

Tags: Apple IncorporatedCyber crimeFireEye Incorporated ( Alto Networks (
  • E-Mail
US govt issues advice on iOS Masque vulnerability If iOS displays an 'Untrusted App Developer' warning, users are advised to click on 'Don't Trust' and immediately uninstall the app. (Getty Images)
By  Stephen McBride Published  November 16, 2014

The US government's cyber security experts this week issued an online notice warning Apple users of the recently discovered Masque Attack vulnerability resident in iOS that could allow malicious parties to steal sensitive data.

The National Cybersecurity and Communications Integration Centre and the US Computer Emergency Readiness unit posted the alert following a week in which the first known exploitation of the flaw in the wild was reported by Palo Alto Networks. The campaign, known as WireLurker, mainly affected Chinese Apple users and according to Ryan Olson, intelligence director, Unit 42, Palo Alto Networks, compromised data was limited to address book contacts and messaging IDs.

But "they could just as easily take your Apple ID or do something else that's bad news," he added.

Later, FireEye revealed it had discovered the underlying Masque Attack vulnerability earlier this year, and had informed Apple in July. The flaw taints trusted apps installed on iDevices from the App Store, by tricking users into installing malware disguised as updates, via malicious text messages, emails and Web links. Once the installed malware has hijacked the apps, it has access to a range of sensitive information, including login credentials for services such as email and banking.

Continues on next page>>

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code