iLoungeiLounge
  • News
    • Apple
      • AirPods Pro
      • AirPlay
      • Apps
        • Apple Music
      • iCloud
      • iTunes
      • HealthKit
      • HomeKit
      • HomePod
      • iOS 13
      • Apple Pay
      • Apple TV
      • Siri
    • Rumors
    • Humor
    • Technology
      • CES
    • Daily Deals
    • Articles
    • Web Stories
  • iPhone
    • iPhone Accessories
  • iPad
  • iPod
    • iPod Accessories
  • Apple Watch
    • Apple Watch Accessories
  • Mac
    • MacBook Air
    • MacBook Pro
  • Reviews
    • App Reviews
  • How-to
    • Ask iLounge
Font ResizerAa
iLoungeiLounge
Font ResizerAa
Search
  • News
    • Apple
    • Rumors
    • Humor
    • Technology
    • Daily Deals
    • Articles
    • Web Stories
  • iPhone
    • iPhone Accessories
  • iPad
  • iPod
    • iPod Accessories
  • Apple Watch
    • Apple Watch Accessories
  • Mac
    • MacBook Air
    • MacBook Pro
  • Reviews
    • App Reviews
  • How-to
    • Ask iLounge
Follow US

News

News

Security researcher IDs new app-spoofing iOS vulnerability

Last updated: May 16, 2021 4:05 pm UTC
By Jesse Hollington

Security research firm FireEye has identified a vulnerability that can allow iOS apps to be replaced by malware versions. Dubbed the “Masque Attack,” the vulnerability uses an existing app’s App Store ID, signed with an enterprise provisioning certificate, to replace the good app with a rogue version. The report explains that although iOS requires that all third-party applications be signed by a valid provisioning certificate, it does not require that the certificate used to sign an app update be the same as the certificate used to sign the original app.

Advertisements

Masque Attack uses a vulnerability similar to the WireLurker exploit revealed last week, leveraging the enterprise distribution system that Apple has provided for companies to distribute in-house apps to their users, however this particular vulnerability goes beyond requiring a USB connection, potentially allowing devices to be infected wirelessly by prompting users to install bogus application updates over-the-air. This could be done by presenting prompts in Safari to encourage users to install an update to an app they may already be using. The prompt need not even match the app actually being delivered, and once the user accepts, the app will be downloaded and replace the legitimate version on the user’s device.

Advertisements

The FireEye report cites examples such as replacing a mobile banking app as a phishing attack to collect login and password information. FireEye notes that the vulnerability still exists in the iOS 8.1.1 beta, and has been identified as far back as iOS 7.1.1.

It is key to mention that this exploit relies heavily on social engineering to encourage the user to install an untrusted app, and that iOS itself provides cues that should raise suspicion, such as asking the user to randomly install an app while they may be engaged in an otherwise unrelated activity such as browsing the web, and requiring that the user explicitly respond to an “Untrusted Developer” notification when installing the app.

Advertisements

Latest News
The 13-inch M4 MacBook Air 256GB is $150 Off
The 13-inch M4 MacBook Air 256GB is $150 Off
1 Min Read
New Dynamic Island to Have ‘Significant’ Upgrades
New Dynamic Island to Have ‘Significant’ Upgrades
1 Min Read
Samsung Might Not Include a ‘Plus’ Phone Model Next Year
Samsung Might Not Include a ‘Plus’ Phone Model Next Year
1 Min Read
The 128GB iPad Mini 7 Wi-Fi is $120 Off
The 128GB iPad Mini 7 Wi-Fi is $120 Off
1 Min Read
New Apple TV+ ‘Chief of War’ Trailer Released
New Apple TV+ ‘Chief of War’ Trailer Released
1 Min Read
New ‘Improved’ Vision Pro to Launch This Year
New ‘Improved’ Vision Pro to Launch This Year
1 Min Read
‘The Morning Show’ Season 4 Premieres on September
‘The Morning Show’ Season 4 Premieres on September
1 Min Read
The AirPods Pro 2 is $100 Off
The AirPods Pro 2 is $100 Off
1 Min Read
OLED MacBook Pro to be Delayed
OLED MacBook Pro to be Delayed
1 Min Read
‘Trash Can’ Mac Pro Moves to the Apple Vintage List
‘Trash Can’ Mac Pro Moves to the Apple Vintage List
1 Min Read
Next Apple Studio Display Slated for 2026
Next Apple Studio Display Slated for 2026
1 Min Read
The 11-inch M3 iPad Air WiFi 128GB is $120 Off
The 11-inch M3 iPad Air WiFi 128GB is $120 Off
1 Min Read

iLounge logo

iLounge is an independent resource for all things iPod, iPhone, iPad, and beyond. iPod, iPhone, iPad, iTunes, Apple TV, and the Apple logo are trademarks of Apple Inc.

This website is not affiliated with Apple Inc.
iLounge © 2001 - 2025. All Rights Reserved.
  • Contact Us
  • Submit News
  • About Us
  • Forums
  • Privacy Policy
  • Terms Of Use
Welcome Back!

Sign in to your account

Lost your password?