Hackers find way to attack Apple devices
08 Aug 2015
People who owned Apple devices at one time, could feel safe from hack attacks, but times had changed.
Most hackers focused on Windows machines as these constituted the biggest target, but researchers are finding more security holes in machines containing Apple operating systems , which made them prime targets for hacks.
According to security company FireEye, which issued a report this week hackers had found a way to break into iOS devices with the help of legitimate-looking but malicious apps downloaded to one's phone.
The security company learned about the hacks by examining roughly 400 GB of corporate data that was leaked when hackers breached the cybersecurity firm Hacking Team.
While FireEye had warned of the possibility of these so-called masque attacks earlier, the company claimed that its recent discovery was the first instance of the attacks actually occurring outside of a test lab environment.
Masque attacks happened when users unwittingly downloaded malicious apps to their Apple device by clicking on a shady web link.
According to experts, the recently discovered issue would likely not affect a large number of users, but it had massive potential for hackers because of the way it operated - it fooled the iPhone into downloading a malicious app that replicated an actual app on to users' phone that it then replaced it covertly.
The malicious app could then be used by hackers for various purposes without the knowledge of the iPhone user.
Researchers from FireEye told Business Insider, though the apps looked and performed like genuine apps, they had components that could activate additional silent functions, such as spying on conversations or uploading personal data to a server that was also controlled by attackers.
Fake apps of the type had already been found in the wild and had been replicating popular apps including Twitter, Facebook, WhatsApp, Viber, Skype and others.
However, users need to know that the security threat acted together with a phishing email or message.
In other words, the threat came from downloading the malicious app, which happened after users clicked on a particular link in an email or message.
Hackers managed to bypass Apple's security with the ''Masque'' attack, when users clicked the link, which tricked the iPhone into believing it connected to the App Store.
