{"id":76584,"date":"2014-11-10T21:15:03","date_gmt":"2014-11-10T19:15:03","guid":{"rendered":"http:\/\/onsoftware.en.softonic.com\/?p=76584"},"modified":"2025-07-02T00:21:54","modified_gmt":"2025-07-02T07:21:54","slug":"masque-attack-ios-security-flaw","status":"publish","type":"post","link":"https:\/\/cms-articles.softonic.io\/en\/masque-attack-ios-security-flaw\/","title":{"rendered":"‘Masque Attack’ security flaw lets hackers replace your iOS apps with malicious ones"},"content":{"rendered":"

Security research firm FireEye published a report today about a new iOS vulnerability that allows attackers to replace your apps with ones that steal your information<\/strong>. FireEye reported the security flaw to Apple on July 26th urging the company to patch it.<\/p>\n

This attack, named Masque Attack<\/strong> by FireEye, uses forged bundle identifiers<\/strong> to lure unsuspecting iOS users into installing fake apps. Since iOS doesn’t check for matching certificates for apps with the same bundle identifier, the app is installed without issue.<\/p>\n

<\/p>\n

\nDefault player\n<\/div>\n

<\/p>\n

<\/object><\/p>\n


\nbrightcove.createExperiences();<\/p>\n

<\/p>\n

FireEye used a phishing text message to demonstrate how Masque Attack works. If a user taps on the download link in the phishing text, the user will see a pop up asking if they want to install the app. Attackers can name the app anything they want and in this case, FireEye named the fake app “New Flappy Bird.”<\/p>\n

Once the user taps “Install”, the app will replace the legitimate app<\/strong> and the user will be none the wiser. The demonstrated app is a fake version of Gmail<\/a> that looks just like the official app but secretly sends all of a user’s emails to the hacker.<\/p>\n

\"stolen<\/p>\n

The scariest thing about Masque Attack is that it works on non-jailbroken iPhones<\/strong>, which means all users running iOS 7.1.1 and up are affected. Even the latest version<\/a> of iOS 8 isn’t safe. Masque Attack can replace any app downloaded from the App Store but not built-in apps like Safari.<\/p>\n

FireEye recommends users avoid installing anything outside of the official App Store<\/strong>. Users should also be aware when an “Install” pop-up is triggered from a web page. Lastly, if you see a warning which reads “Untrusted App Developer”, don’t install the app (duh).<\/p>\n

In addition to last week’s WireLurker<\/a> security vulnerability and now Masque Attack, iOS users are no longer as safe as previously though<\/a>.<\/p>\n

Source: FireEye<\/a><\/em><\/p>\n

Via: 9to5Mac<\/a><\/em><\/p>\n

Related Stories<\/h3>\n

Computer security should be simple<\/a><\/p>\n

New iPhone malware spreads when connecting to a Mac<\/a><\/p>\n

Worldwide governments made 24% more requests for user data in 2014<\/a><\/p>\n

Windows malware threat Poweliks lives in Windows Registry<\/a><\/p>\n

Follow me on Twitter: @lewisleong<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

Security research firm FireEye published a report today about a new iOS vulnerability that allows attackers to replace your apps with ones that steal your information. FireEye reported the security flaw to Apple on July 26th urging the company to patch it. This attack, named Masque Attack by FireEye, uses forged bundle identifiers to lure … Continue reading “‘Masque Attack’ security flaw lets hackers replace your iOS apps with malicious ones”<\/span><\/a><\/p>\n","protected":false},"author":2033,"featured_media":76587,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wpcf-pageviews":0},"categories":[],"tags":[],"usertag":[],"vertical":[],"content-category":[],"class_list":["post-76584","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/76584","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/users\/2033"}],"replies":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/comments?post=76584"}],"version-history":[{"count":1,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/76584\/revisions"}],"predecessor-version":[{"id":329857,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/76584\/revisions\/329857"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media\/76587"}],"wp:attachment":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media?parent=76584"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/categories?post=76584"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/tags?post=76584"},{"taxonomy":"usertag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/usertag?post=76584"},{"taxonomy":"vertical","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/vertical?post=76584"},{"taxonomy":"content-category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/content-category?post=76584"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}