According to a security research firm, a new malware has been found that replaces the legit apps in Apple iOS devices with the one that are infected. However, you are less likely to get infected by it if you do not have a jailbroken iPhone or the apps that from sources other than App Store.
According to the FireEye, a security firm in California, a “Masque Attack”, can quickly take over a non-jailbroken iOS device. The researchers were able to execute the attack by manipulating the enterprise and developer certificates from Apple Inc.
Ordinary users are not at a risk of getting this infected, but the developers and the business customers that have to install numerous apps that are not on App Store. Developers need to install the unfinished apps for the testing purpose, whereas, enterprise is all about your work in the office.
It is well-known fact that the enterprise apps can replace the iOS apps on the fly.
Attacker can re-direct you towards a malicious link that might contain an application that has been altered to install a malicious piece of software in your iPhone or iPad. The researchers were able to do malicious activities that include recording the calls and other related things.
In one of the examples, FireEye showed, a user was lured to a malicious website and the Gmail app was quickly replaced by the original Gmail app to gain access over the user’s account. The activity was unarguably scary but can be dodged if user only downloads and updates the apps from the App Store.
Previously, the same thing was applicable on the Android devices. Hackers were able to download an app from Play Store and alter it by adding few lines of malicious code into it. Then these apps were uploaded to the websites that supply third party apps, Google taking this in account started a service called Bouncer to avoid any such activities.