Masque Attack: U.S. cybersecurity agencies warn iOS users about bugs

Shiena Bernardino
Apple's iOS 8 update

After the public became aware of the vulnerability in Apple's latest iOS software, the U.S. government released a statement to warn all iPhone, iPad and iPod Touch users to avoid being victims of identity theft. 

The online bulletin released by the National Cybersecurity and Communications Integration Center, as well as the U.S. Computer Emergency Readiness Teams, stated that hackers may be able to exploit the vulnerability found in Apple's mobile operating system using the so-called "Masque Attack" bug. 

Recently, the cybersecurity firm FireEye Inc. warned the public about the said bug, which they have discovered on July 26. The firm also reported that hackers already tried to take advantage of the vulnerability by launching the "WireLurker" technique. 

"This technique takes advantage of a security weakness that allows an untrusted app — with the same 'bundle identifier' as that of a legitimate app — to replace the legitimate app on an affected device, while keeping all of the user's data," the warning states. "This vulnerability exists because iOS does not enforce matching certificates for apps with the same bundle identifier." 

The warning also said that there is a possibility that more attacks could be launched soon. 

Hackers may have access to users' personal accounts to get their login details as well as sensitive information stored on Apple devices, including bank accounts and such. 

These attacks can be easily avoided if the iOS users will only get apps directly from the Apple Store or from an authorized organization. 

Also, users are advised by the bulletin not to click on the "Install" tabs from pop-ups while surfing online.  Once the iOS issues a warning sign that states "Untrusted App Developer," the users should click on the "Don't Trust" option and uninstall the questionable app immediately. 

The Apple devices running the iOS 7.1.1, 7.1.2, 8.0, 8.1, and 8.1.1 beta versions could possibly be affected by the said vulnerability. 

Apple Inc.'s reps have not released a statement about the Masque Attack bug as of the moment.

Newsletter Stay up to date with Christian Today
News
Texas holds day of prayer in wake of devastating flash floods
Texas holds day of prayer in wake of devastating flash floods

A day of prayer was observed across Texas on Sunday as the state continues to respond to devastating flash floods that have killed dozens, including a number of children who were attending a Christian summer camp. 

Is a 'quiet revival' really taking place? Shock new study findings suggest Christianity may be in retreat
Is a 'quiet revival' really taking place? Shock new study findings suggest Christianity may be in retreat

The challenge before the Christian Church is both stark and clear: to understand and engage a new generation if it is to have a future. 

What was the Welsh Revival and why should you know about it?
What was the Welsh Revival and why should you know about it?

The Welsh Revival of 1904 was anything but quiet, leading to the worldwide Pentecostal and charismatic movements. This is the story …

Church bombing in Syria is 'not sectarian conflict but persecution'
Church bombing in Syria is 'not sectarian conflict but persecution'

A deadly suicide bombing at a Damascus church on Sunday June 22 has reignited urgent calls for global recognition of the ongoing persecution of Syria’s religious minorities.