Apple Responds to 'Masque Attack' Vulnerability, Not Aware of Customers Affected by Attack
Just a couple days after the discovery of an iOS vulnerability referred to as Masque Attack because of its ability to emulate and replace existing legitimate apps with malicious ones, Apple has responded in a statement to iMore.
"We designed OS X and iOS with built-in security safeguards to help protect customers and warn them before installing potentially malicious software," an Apple spokesperson told iMore. "We're not aware of any customers that have actually been affected by this attack. We encourage customers to only download from trusted sources like the App Store and to pay attention to any warnings as they download apps. Enterprise users installing custom apps should install apps from their company's secure website."
Masque Attack works by luring a user to install an app outside of the iOS App Store by clicking a phishing link in a text message or email. For example, a user could be prompted to download a new app in a text message that says something like "Hey, try out Flappy Bird 2". A user is then directed to a website where they're prompted to download the app, which will install the fake app over the legitimate one using iOS enterprise provision profiles, making it virtually undetectable.
Masque Attack in action
Earlier today, the United States government issued a warning
about Masque Attack to iOS users. The vulnerability was discovered just a week after reports of malware called WireLurker surfaced
. WireLurker is able to attack iOS devices through OS X using a USB cable. Both vulnerabilities are unlikely to affect the average iOS user as long as Apple's security features are not bypassed.
Both WireLurker and Masque Attack can be avoided by staying away from suspicious apps and avoiding links that prompt users to install apps outside of Apple's App Stores.
All of the iPhone 15 and iPhone 15 Pro models feature a new battery health setting that prevents the devices from charging beyond 80% at all times when enabled, as confirmed by The Verge's Allison Johnson during a Q&A session today. The new setting is separate from the pre-existing Optimized Battery Charging feature on iPhones, which intelligently delays charging past 80% until a more...
In June, Apple announced iOS 17 with a wide range of new features and changes for the iPhone. Following over three months of beta testing, the free software update will be released this Monday, September 18 for the iPhone XS and newer. Below, we have recapped 10 key features coming to the iPhone with iOS 17, with additional features coming later this year. The update should be released to...
Apple today released iOS 17.0.1 and iPadOS 17.0.1 updates for the iPhone and the iPad, adding bug fixes to the new software. The iOS 17.0.1 and iPadOS 17.0.1 updates come just a few days after Apple launched iOS 17 and iPadOS 17. The software, which is build 21A340, can be downloaded on eligible iPhones and iPads over-the-air by going to Settings > General > Software Update. There is a...
As Apple was announcing new iPhone models last week, the Unicode Consortium was officially approving new emoji characters that are set to be added to smartphones starting in 2024. Mockup of new emoji from Emojipedia Approved Unicode 15.1 emoji include phoenix, lime, an edible mushroom, shaking head vertically (as in a "yes" nod), shaking head horizontally (a "no" head shake), and broken...