Hackers have a new way to break into Apple mobile devices using Web pages, text messages and emails to fool users into downloading fake apps that can leak their information, according to a new report from cybersecurity company FireEye.

There’s no evidence hackers have started doing this in the US, but FireEye said a vulnerability in Apple’s iOS mobile operating system means fake apps, which may be designed to look like your bank or email program, can replace genuine apps installed though Apple’s App Store. Once installed, the apps could gain access to personal information and send it back to hackers without users’ knowledge in what FireEye is calling a “Masque Attack.”

Apple has long touted the security of its desktop and smartphone software against competing offerings such as Google’s Android. However, this vulnerability is the latest in a growing list of chinks in iOS’s security, and could cause users to become wary of the company’s products.

FireEye said the bug affects all Apple mobile devices running iOS 7 or later, regardless of whether or not the device is jailbroken — a user-initiated state that lets you install any app off the Internet. That means roughly 95 percent of all Apple mobile devices currently in use are vulnerable. Apple sold 51.6 million iPhones and iPads in the three months ended in September alone.

Read the Full Article: Source – c|net
http://www.cnet.com/news/apple-ios-bug-lets-fake-apps-sneak-onto-iphones-ipads/

source not found