'Masque Attack' iOS Malware Is 'WireLurker' Enhanced, Can Steal Sensitive Information

Status
Not open for further replies.

Camel2021

Reputable
Nov 11, 2014
I am guessing this is only a problem for jailbroken phones. I am not aware of a way to install an app that is not on the Apple App Store without jailbreaking the phone.

It seems a little weird to blame Apple for users that are turning off a major security feature of the phone.
 

David Moreau

Honorable
Jan 4, 2014
Quote: I am guessing this is only a problem for jailbroken phones. I am not aware of a way to install an app that is not on the Apple App Store without jailbreaking the phone.

It seems a little weird to blame Apple for users that are turning off a major security feature of the phone.

No need to guess. You don't need to jailbreak:

http://www.fireeye.com/blog/technical/cyber-exploits/2014/11/masque-attack-all-your-ios-apps-belong-to-us.html

You only have to allow installing from an untrusted developer. This article links that to enterprise provisioning. It makes sense that enterprise users should be able to get updates without going through iTunes. You are not installing a new application according to the article. You are replacing an app with a fake version of that app. This is too subtle for many users to catch as most users are naive about security.

Before coming to the defense of a company, do the research.
 

ptmmac

Distinguished
Dec 3, 2011
There is no doubt that this is getting more and more dangerous for iOS. The only real defense here is having a user base that does not install apps directly from the web. It does not sound like it would be impossible for the makers of this malware to add a zero day flaw in iOS and make the installation silent so the user is unaware of the infection.

The only risk to an iOS user at this point is if you are willing to install an app directly from the web. If you do use your phone this way then you are definitely vulnerable. This is a problem for that subset of iOS users who do this. I imagine the most likely people to fall for this are those that are new to iOS and unfamiliar with basic software safety. China seems to be the major place where this has propagated because of the willingness of customers to search for "free" software.

If stolen software or porn is what you are looking for then the likelihood that you will get infected by these types of malware is much greater. Otherwise you are not at much real risk.
The same would be true with a zero day upgrade to this malware. The real difference being how much more penetration the malware will make into the average user community on iOS.
 

maddad

Distinguished
Feb 22, 2006
Quote: You only have to allow installing from an untrusted developer. This article links that to enterprise provisioning. It makes sense that enterprise users should be able to get updates without going through iTunes. You are not installing a new application according to the article. You are replacing an app with a fake version of that app. This is too subtle for many users to catch as most users are naive about security.

Before coming to the defense of a company, do the research.

So you are saying if I bypass the Google Play store and add an Android app to my phone, that is Google's fault??? Use some common sense before you go blaming the company for the user doing something with the product that they have been warned not to do!!!
 

SnakeV72

Reputable
Nov 11, 2014
Avoid installing apps that don’t come directly from Apple’s App Store
Avoid clicking “Install” or similar buttons from third-party web pages
Uninstall apps for which you get an “Untrusted developer” iOS alert

Sooo in other words, have common sense. Installing an app directly from a website is colossally stupid. You deserve to get infected if you do that.
 