Apple Responds to 'Masque Attack' Vulnerability, Not Aware of Customers Affected by Attack
Just a couple days after the discovery of an iOS vulnerability referred to as Masque Attack because of its ability to emulate and replace existing legitimate apps with malicious ones, Apple has responded in a statement to iMore.
"We designed OS X and iOS with built-in security safeguards to help protect customers and warn them before installing potentially malicious software," an Apple spokesperson told iMore. "We're not aware of any customers that have actually been affected by this attack. We encourage customers to only download from trusted sources like the App Store and to pay attention to any warnings as they download apps. Enterprise users installing custom apps should install apps from their company's secure website."
Masque Attack works by luring a user to install an app outside of the iOS App Store by clicking a phishing link in a text message or email. For example, a user could be prompted to download a new app in a text message that says something like "Hey, try out Flappy Bird 2". A user is then directed to a website where they're prompted to download the app, which will install the fake app over the legitimate one using iOS enterprise provision profiles, making it virtually undetectable.
Masque Attack in action
Earlier today, the United States government
issued a warning about Masque Attack to iOS users. The vulnerability was discovered just a week after reports of malware called
WireLurker surfaced. WireLurker is able to attack iOS devices through OS X using a USB cable. Both vulnerabilities are unlikely to affect the average iOS user as long as Apple's security features are not bypassed.
Both WireLurker and Masque Attack can be avoided by staying away from suspicious apps and avoiding links that prompt users to install apps outside of Apple's App Stores.
Popular Stories
In his Power On newsletter today, Bloomberg's Mark Gurman said Apple will have a three-day stretch of product announcements from Monday, March 2 through Wednesday, March 4. In total, he expects Apple to introduce "at least five products."
Subscribe to the MacRumors YouTube channel for more videos.
A week ago, Apple invited selected journalists and content creators to an "Apple Experience" in...
Apple's software engineers are testing iOS 26.3.1, according to the MacRumors visitor logs, which have been a reliable indicator of upcoming iOS versions.
iOS 26.3.1 should be a minor update that fixes bugs and/or security vulnerabilities, and it will likely be released within the next two weeks.
Last month, Apple released iOS 26.2.1 with bug fixes and support for the second-generation...
Apple is expected to launch a new foldable iPhone this year, based on multiple rumors and credible sources. The long-awaited device has been rumored for years now, but signs increasingly suggest that Apple will release its first foldable device in 2026.
Subscribe to the MacRumors YouTube channel for more videos.
Below, we've collated an updated set of key details that have been leaked about ...
The special new color that Apple is considering for the iPhone 18 Pro and iPhone 18 Pro Max this year is red, according to Bloomberg's Mark Gurman.
Specifically, he said that Apple is testing a "deep red" finish for the two devices.
If this rumor materializes, it would be the first time that the Pro and Pro Max models ever come in red, and the iPhone 18 Pro models would be the first...
Apple CEO Tim Cook was among a handful of top tech executives who attended a classified CIA briefing warning that China could attack Taiwan by 2027, according to a sweeping investigative report by The New York Times ($).
The previously unreported briefing was apparently held in a secure room in Silicon Valley in July 2023. The meeting is said to have been arranged at the request of the...
