After researchers have uncovered a serious iOS 8 flaw that lets hackers substitute legitimate apps installed on an iPhone with malware apps meant to steal user data, prompting the U.S. government to issue a warning on the matter, Apple has commented on this type of attacked — dubbed “Masque Attack” — telling iMore the problem has not affected iOS users yet.
“We designed OS X and iOS with built-in security safeguards to help protect customers and warn them before installing potentially malicious software,” an Apple spokesperson said. “We’re not aware of any customers that have actually been affected by this attack. We encourage customers to only download from trusted sources like the App Store and to pay attention to any warnings as they download apps. Enterprise users installing custom apps should install apps from their company’s secure website.”
Additionally, Apple has also posted a knowledge base article on its support pages, instructing users how to safely install custom enterprise applications on an iOS 8 device, which can be downloaded from other places than the App Store.
For a Masque Attack to work, iOS users would have to install apps from a third-party source, which is something they shouldn’t do in the first place, and ignore a warning pop up on the phone telling them said app isn’t exactly trusted.