Earlier this month, researchers at cybersecurity firm FireEye discovered a vulnerability in the iOS operating system which could allow hackers to replace legitimate apps with malicious copies, giving them access to any data the user entered into the hacked app. These “Masque Attacks” were enough of a threat to convince the U.S. government to release a statement warning iPhone users to avoid downloading apps from third-party sources until the issue could be resolved.
Apple was quick to issue its own response, downplaying the severity of the vulnerability, but further research by Trend Micro seems to indicate that the threat is even more serious that originally reported.
According to Trend Micro, malicious apps installed on an iOS device could allow hackers to access unencrypted data from legitimate apps on the device.
“We tested several apps and found that some of the popular iOS apps do not employ data encryption for their databases,” writes Trend Micro’s Brooks Hong. “In our analysis, we simply used file browsers to access these files. Additionally, the apps we tested are messaging/communication apps, which means that they store a lot of sensitive information like names and contact details.”
Once hackers successfully infiltrate an iPhone or iPad through a Masque Attack, they will be able to trawl through unencrypted messaging and communication apps to find information they could use maliciously.
Interestingly, many of the Android counterparts to the iOS messaging apps Trend Micro tested were encrypted. This might be a result of Android being more susceptible to malware, whereas iOS developers haven’t had to deal with these issues in the past.
Apple says that it is not aware of any users who have been affected by Masque Attacks, but based on the potential outcome of being a victim of one of these attacks, we should all remain cautious when downloading software to our iOS devices.