Researchers at FireEye on Monday made public the existence of the Masque Attack, which threatens iOS and Mac OS X operating systems. Masque Attack exploits a flaw in Apple's OSes that allows the replacement of one app by another so long as both apps use the same bundle identifier. All apps, except those preinstalled on iOS, such as Mobile Safari, can be replaced. The fake apps can access the original app's local data, including log-in tokens. Among other things, they let attackers log into and loot victims' bank accounts.Researchers Shine Spotlight on OS X/iOS Masque Attack
Researchers at FireEye on Monday made public the existence of the Masque Attack, which threatens iOS and Mac OS X operating systems. Masque Attack exploits a flaw in Apple's OSes that allows the replacement of one app by another so long as both apps use the same bundle identifier. All apps, except those preinstalled on iOS, such as Mobile Safari, can be replaced. The fake apps can access the original app's local data, including log-in tokens. Among other things, they let attackers log into and loot victims' bank accounts.
0 comments:
Post a Comment