Apple Comments on the ‘Masque Attack’ Vulnerability

Last week we reported the iOS 8 vulnerability referred to as Masque Attack. The cybersecurity FireEye company detected this threat. According to them, using this vulnerability hackers can replace apps on your iPhone and iPad with their identical looking versions, while collecting user?s data for mercenary purposes. Apple has recently responded to the information about vulnerability officially and reported that none of the iOS users had been affected by this attack so far.

Apple?s spokesperson commented that the built-in security safeguards in OSX and iOS are designed to protect and warn users about a potential threat before installing malicious software.

“We’re not aware of any customers that have actually been affected by this attack. We encourage our customers to only download apps from trusted sources like the App Store and to pay attention to any warnings when downloading the apps. Enterprise clients installing custom apps should install apps from their company’s secure website.”

Besides that, the company posted a knowledge base article which instructs users on the process of secure apps installation from sources other than the App Store. Unfortunately, this article is not available in Russian at the present moment.

Recap: you can become a potential Masque Attack victim only if you are downloading apps from outside the App Store. The vulnerability is unlikely to affect most of the users, and according to the official data from Apple there no victims among those who use alternative download resources.

Source: appleinsider.ru