iPhone, iPad users warned vs masque attack even after updating iOS

Even after they update to the latest version of iOS, owners of iPhones, iPads and iPod touch devices will still have to watch out for the so-called masque attack.

 

There are at least three new masque attacks targeting iOS - demolishing, breaking and hijacking, security vendor FireEye said.

 

"(A)lthough Apple has fixed or partially fixed the original Masque Attack on iOS 8.1.3, there are still other attack surfaces to exploit vulnerabilities in the installation process on iOS. We disclose the details of three variants of Masque Attack in this article to help users realize the risk and better protect themselves," FireEye's Zhaofeng Chen, Tao Wei, Hui Xue and Yulong Zhang said in a blog post.

 

They said the latest iOS, 8.4, can protect against almost all the attacks but not quite yet for the Manifest and Extension Masque attacks.

 

Masque attacks threaten to demolish iOS apps and make them unusable, or can access other apps' data.

 

FireEye said the five Masque attacks include:

- App Masque, replaces an existing app or harvests data; fixed in iOS 8.1.3

- URL Masque, bypasses prompt of trust and hijacks inter-app communication; partially fixed in iOS 8.1.3

- Plugin Masque, can replace a VPN plugin, hijack device traffic and prevent device from rebooting; fixed in iOS 8.1.3

 

Partially fixed in iOS 8.4 were:

- Manifest Masque, demolishes other apps including Apple Watch, Health, Pay during over-the-air installs; partially fixed in iOS 8.4

- Extension Masque, can access another app's data or prevent another app from accessing its own data; partially fixed in 8.4

 

"Our investigation also shows that around one third of iOS devices still have not updated to versions 8.1.3 or above, even five months after the release of 8.1.3, and these devices are still vulnerable to all the Masque Attacks," FireEye's researchers said. — Joel Locsin/TJD, GMA News