Alleged iOS Security Flaw Enables Malicious Apps to Secretly Log User Touch Inputs
Researchers from security firm FireEye have revealed a new bug in iOS that enables a malicious app to monitor and log a user's touch inputs and button uses while running in the background, reports Ars Technica. The exploit reportedly targets a flaw in iOS' multitasking capabilities to capture user inputs, and allows for them to be sent to a remote server.
To demonstrate the flaw, the researchers created a proof-of-concept monitoring app and developed approaches to "bypass" Apple's App Store Review process effectively. Once the app was installed on an iOS device, actions including keyboard inputs, use of the volume, home, and power buttons, screen touches with exact coordinates, and Touch ID events were all captured. The researchers also noted that disabling iOS 7's "Background App Refresh" setting would not disable a malicious app from logging data, as the only present solution to the problem is to manually remove apps from the task switcher.
FireEye also spoke about the flaw being identified in current versions of iOS:
Note that the demo exploits the latest 7.0.4 version of iOS system on a non-jailbroken iPhone 5s device successfully. We have verified that the same vulnerability also exists in iOS versions 7.0.5, 7.0.6 and 6.1.x. Based on the findings, potential attackers can either use phishing to mislead the victim to install a malicious/vulnerable app or exploit another remote vulnerability of some app, and then conduct background monitoring.
The group added that it is actively working with Apple on the issue, although the company has yet to comment publicly. The news comes less than a week after Apple issued iOS 7.0.6 in response to a SSL vulnerability that allowed a hacker to capture or modify data from Safari in supposedly secure sessions.
The SSL security bug was also found to be present in OS X, as new research over the weekend revealed that additional apps such as FaceTime and iMessage could be compromised. Apple confirmed to Reuters that it will issue an OS X software update "very soon" to patch the bug.
Popular Stories
Apple's next-generation iPhone 17 Pro and iPhone 17 Pro Max are just over two months away, and there are plenty of rumors about the devices.
Below, we recap key changes rumored for the iPhone 17 Pro models.
Latest Rumors
These rumors surfaced in June and July:Apple logo repositioned: Apple's logo may have a lower position on the back of the iPhone 17 Pro models, compared to previous...
Apple should unveil the iPhone 17 series in September, and there might be one bigger difference between the Pro and Pro Max models this year.
As always, the Pro Max model will be larger than the Pro model:iPhone 17 Pro: 6.3-inch display
iPhone 17 Pro Max: 6.9-inch displayGiven the Pro Max is physically larger than the Pro, it has more internal space, allowing for a larger battery and...
In 2020, Apple added a digital car key feature to its Wallet app, allowing users to lock, unlock, and start a compatible vehicle with an iPhone or Apple Watch. The feature is currently offered by select automakers, including Audi, BMW, Hyundai, Kia, Genesis, Mercedes-Benz, Volvo, and a handful of others, and it is set to expand further.
Apple has a web page with a list of vehicle models that ...
The calendar has turned to July, meaning that 2025 is now more than half over. And while the summer months are often quiet for Apple, the company still has more than a dozen products coming later this year, according to rumors.
Below, we have outlined at least 15 new Apple products that are expected to launch later this year, along with key rumored features for each.
iPhone 17 Series
iPho...
Apple is continuing to refine and update iOS 26, and beta three features smaller changes than we saw in beta 2, plus further tweaks to the Liquid Glass design. Apple is gearing up for the next phase of beta testing, and the company has promised that a public beta is set to come out in July.
Transparency
In some apps like Apple Music, Podcasts, and the App Store, Apple has toned down the...
Since the iPhone X in 2017, all of Apple's highest-end iPhone models have featured either stainless steel or titanium frames, but it has now been rumored that this design decision will be coming to an end with the iPhone 17 Pro models later this year.
In a post on Chinese social media platform Weibo today, the account Instant Digital said that the iPhone 17 Pro models will have an aluminum...
New renders today provide the best look yet relocated Apple logo and redesigned MagSafe magnet array of the iPhone 17 Pro and iPhone 17 Pro Max.
Image via Majin Bu.
Several of the design changes coming to the iPhone 17 Pro model have been rumored for some time, such as the elongated camera bump that spans the full width of the device, with the LiDAR Scanner and flash moving to the right side.
...
Amazon is soon to be back with its annual summertime Prime Day event, lasting for four days from July 8-11, the longest Prime Day yet. As it does every year, Prime Day offers shoppers a huge selection of deals across Amazon's storefront, and there are already many deals you can get on sale ahead of the event.
Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a ...
Apple's position as the dominant force in the global true wireless stereo (TWS) earbud market is expected to continue through 2025, according to Counterpoint Research.
The forecast outlines a 3% year-over-year increase in global TWS unit shipments for 2025, signaling a transition from rapid growth to a more mature phase for the category. While Apple is set to remain the leading brand by...
