Masque Attack could replace your iOS apps with bogus ones

Even staying away from bogus app stores might not save you
Masque Attack could replace your iOS apps with bogus ones

Mobile security researchers FireEye have discovered an iOS vulnerability that could swap your legit apps for bogus ones. All that a bogus app would need is to share the same 'bundle identifier' - a unique code each app has. The researchers have coined a name for this, a suitably shady moniker: Masque Attack.

The only apps that could not be targetted by this are standard iOS apps preinstalled on your Apple devices, but any app installed from an App Store is fair game.

Again, don't click on those links

How could Masque Attack target an iOS app? One way is via links on a webpage, where hapless users would click on what looks like an innocous app only to have that app secretly replace an app with more sensitive properties. The app could potentially take over your email apps or worse, your mobile banking apps, replacing them without you realising.

This is a problem because apps compromised by Masque Attack could give attackers access to your bank accounts, credit cards and email.

It's not too hard to prevent a Masque Attack. It's as easy as the following:

  • Simply don't install apps from third-party sources (we're looking at you, jailbreakers and downloaders of apps from China-based alternative app stores)
  • Don't click on links on websites that offer to install apps on your phone
  • If Apple warns you that an app you're installing is from an 'untrusted developer', don't install the app

There's one little problem if you're installing iOS 8; you won't be able to detect if Masque Attack has already infiltrated your device. On iOS 7, it is as simple as going to Settings > General >Profiles and seeing if there is a profile called 'Provisioning Profile'. Delete that profile and you should be safe from Masque Attack decoys. iOS 8 does not display those profiles and FireEye has urged Apple to secure its current security interface to address the current vulnerabilities.

READ MORE: What we think about iOS 8

[Source: Fireeye]