Friday, February 28, 2014

Apple iOS bug puts iPhones and iPads at risk

Security researchers have discovered a new flaw in Apple's iOS that could expose every action the user takes to a third party, even down to each letter and number typed. A team from security company FireEye have outlined how they were able to get an app onto iOS 7 devices such as iPads and iPhones that would monitor every single tap of the screen and broadcast that information to any remote server. Such information would potentially give hackers access to every single SMS, email and written note as the location of the screen presses gives away which button is being pressed on the virtual keyboard. The app can also record every home button press, changes of volume and TouchID fingerprint scanner use. Researchers claim that the attack is only at the "proof-of-concept" stage and there is no evidence that it has been used outside of a lab. And the group have informed Apple of their work and claim to be "collaborating on the issue". The attack works on even the latest version 7.0.4 of iOS and on non-jailbroken iPhones. <more>

No comments: