The interesting parts are
- It is a design issue, so hard to fix
- Apple says "it is a feature"
- Malware can launch original app (so user has no clue)
Apple has been contacted for comment. However, the pair say they informed the tech giant of their research, and Apple labeled it "a feature, not a bug."
"Apple tried to solve the problem but actually made it worse, because now it is even easier to infect a mobile device."
"We found a way to do a man-in-the-middle attack on an iOS mobile device and replace an original command such as 'query device' with one to install a malicious enterprise certificate application," Bobrov says.
There is also little a typical system administrator can do to detect a handset compromised by the attack. Eagle-eyed staff could report a newly-installed application to IT, foiling the hack, but further attack research makes this scenario even more unlikely.
Separate research by MetaIntell architect Chilik Tamir also showcased at the Singapore hacking conference demonstrates how attackers can install a malicious application that not only looks like a legitimate app, but when tapped, calls and launches the original expected app after it pwns the handsets
For more details:
No comments:
Post a Comment