Apple Plays Down Masque Attack Threat

Discussion in 'Apple iPad News' started by Maura, Nov 14, 2014.

  1. Maura

    Maura
    Expand Collapse
    iPadForums News Team

    Joined:
    Jun 7, 2010
    Messages:
    3,674
    Thanks Received:
    226
    [​IMG]

    AppleInsider reports today that Apple has acted to calm fears about the threat of the Masque Attack iOS vulnerability that was discovered earlier in the year by computer security firm FireEye.

    In an official statement to iMore, Apple said that OS X and iOS security measures, when used properly, should be enough to prevent Masque from damaging your iOS device.

    Apple told iMore that OS X and iOS were designed specifically with built-in security safeguards “to help protect customers and warn them before installing potentially malicious software.”

    Apple went on to say that it was not aware of any customers who have been affected by the attack, adding, “We encourage customers to only download from trusted sources like the App Store and to pay attention to any warnings as they download apps.”

    FireEye said that Masque Attack works by creating phony apps that pose as official Apple software and are designed to trick you into divulging your login information via a malicious banking app, for example.

    Source: AppleInsider
     
  2. 2112

    2112
    Expand Collapse
    iPad Fan

    Joined:
    Jul 27, 2013
    Messages:
    102
    Thanks Received:
    36
    Thanks Maura for this article. Can a malicious app make it into the App Store? And has there ever been a documented incident? Where else would one download an app on a stock ipad other than the App Store? THANKS
     
  3. scifan57

    scifan57
    Expand Collapse
    Administrator
    Staff Member

    Joined:
    Dec 3, 2011
    Messages:
    27,492
    Thanks Received:
    9,224
    Enterprise provisioning profiles are the most likely way to get apps onto a stock device without going through the App Store. The hackers could be using identifying data from enterprise provisioning certificates to make it possible for the phone apps to be installed on the victims device.
     
  4. Ser Aphim

    Ser Aphim
    Expand Collapse
    iPad Addict

    Joined:
    Nov 7, 2013
    Messages:
    1,023
    Thanks Received:
    171
    Well as long as we use our devices "properly" we won't need to worry about masque, right?
     
  5. scifan57

    scifan57
    Expand Collapse
    Administrator
    Staff Member

    Joined:
    Dec 3, 2011
    Messages:
    27,492
    Thanks Received:
    9,224
    This Masque Attack only affects jailbroken devices that download unofficial, cracked, and pirated apps that have been infected by the virus. If you get all your Apple apps from the App Store or your jailbroken apps and tweaks come from reputable repos you have nothing to worry about.
     

Share This Page