Skip to content

New iOS Malware Impersonates Legitimate Apps

Unfortunately for those that are worried about iOS security, WireLurker wasn’t the end – a new vulnerability has emerged, called the Masque Attack.

Discovered by FireEye, this attack is a means to replace and impersonate apps on your iPhone or iPad. It can’t replace built-in apps like Mail or Safari, but it can more than easily replace the files of, say, Gmail. The attack is reported to have happened on iOS 7.1.1, 7.1.2, 8.0, 8.1 and even the current beta for 8.1.1. Apple has yet to provide a statement on the matter.

Can’t believe it? Watch the video and see for yourself.

As you can see, it’s fairly easy for the attacker to gain access to sensitive data, as well as get hold of the user’s email address. In the video, the app was downloaded through a link provided in an SMS message, but your phone is equally likely to get infected as the result of an email or from downloading apps from an unofficial source. The attack doesn’t require your phone to be jailbroken.

Note that the Masque Attack is only possible if you download apps anywhere other than Apple’s official App Store.