Triển
11-12-2014, 06:33 AM
Masque Attack: All Your iOS Apps Belong to Us
November 10, 2014 | By Hui Xue, Tao Wei and Yulong Zhang | Exploits, Mobile Threats, Targeted Attack, Threat Intelligence, Threat Research, Vulnerabilities
In July 2014, FireEye mobile security researchers have discovered that an iOS app installed using enterprise/ad-hoc provisioning could replace another genuine app installed through the App Store, as long as both apps used the same bundle identifier. This in-house app may display an arbitrary title (like “New Flappy Bird”) that lures the user to install it, but the app can replace another genuine app after installation. All apps can be replaced except iOS preinstalled apps, such as Mobile Safari. This vulnerability exists because iOS doesn't enforce matching certificates for apps with the same bundle identifier. We verified this vulnerability on iOS 7.1.1, 7.1.2, 8.0, 8.1 and 8.1.1 beta, for both jailbroken and non-jailbroken devices. An attacker can leverage this vulnerability both through wireless networks and USB. We named this attack “Masque Attack," and have created a demo video here:
http://www.youtube.com/watch?feature=player_embedded&v=3VEQ-bJUhPw
(xem tiếp (http://www.fireeye.com/blog/technical/cyber-exploits/2014/11/masque-attack-all-your-ios-apps-belong-to-us.html))
---- Kết luận đơn giản, là chỉ nên cài đặt app từ App Store của Táo. Nếu không là có ngày mất sạch. :(
November 10, 2014 | By Hui Xue, Tao Wei and Yulong Zhang | Exploits, Mobile Threats, Targeted Attack, Threat Intelligence, Threat Research, Vulnerabilities
In July 2014, FireEye mobile security researchers have discovered that an iOS app installed using enterprise/ad-hoc provisioning could replace another genuine app installed through the App Store, as long as both apps used the same bundle identifier. This in-house app may display an arbitrary title (like “New Flappy Bird”) that lures the user to install it, but the app can replace another genuine app after installation. All apps can be replaced except iOS preinstalled apps, such as Mobile Safari. This vulnerability exists because iOS doesn't enforce matching certificates for apps with the same bundle identifier. We verified this vulnerability on iOS 7.1.1, 7.1.2, 8.0, 8.1 and 8.1.1 beta, for both jailbroken and non-jailbroken devices. An attacker can leverage this vulnerability both through wireless networks and USB. We named this attack “Masque Attack," and have created a demo video here:
http://www.youtube.com/watch?feature=player_embedded&v=3VEQ-bJUhPw
(xem tiếp (http://www.fireeye.com/blog/technical/cyber-exploits/2014/11/masque-attack-all-your-ios-apps-belong-to-us.html))
---- Kết luận đơn giản, là chỉ nên cài đặt app từ App Store của Táo. Nếu không là có ngày mất sạch. :(