Apple: Imitation app hack hasn’t affected users
Apple is not aware of any users who have been affected by a strategy where hackers replace authentic Apple-approved apps with nefarious imitations.
“We designed OS X and iOS with built-in security safeguards to help protect customers and warn them before installing potentially malicious software,” said an Apple spokesman in a statement.
{mosads}The response comes four days after security firm FireEye described the potential hack, dubbed Masque Attack.
In the scheme, cyber thieves get users to download an app with the malicious software.
That software then replaces another important app already on the phone — a banking or email app, for instance — with an imitator that scrapes up personal information, tracks location, or even eavesdrops on conversations.
The iPhone doesn’t notice this has happened because it allows apps to be replaced with identically named apps, regardless of developer.
The technique is an advanced version of a hacking strategy Chinese attackers were caught using last week to try and spy on iPhone users.
Within hours of discovering the espionage campaign, Apple shut it down.
Masque Attack is not known to be part of an active cyber effort. It represents more of a worst-case possibility.
The apps carrying the Masque Attack software would have to come from the Web, which Apple warns against.
“We encourage customers to only download from trusted sources like the App Store and to pay attention to any warnings as they download apps,” the Apple statement read. “Enterprise users installing custom apps should install apps from their company’s secure website.”
Apple has been bolstering its product’s security, amid concerns about government ability to access user data.
In the U.S., Apple and other tech companies are pushing back against government requests for customer data. The tech company claims the customer data on its most recent iPhone is inaccessible to the government — and Apple itself. Law enforcement officials have worried the move could inhibit legitimate criminal investigations.
In China, Apple has experienced a number of suspected government-backed hacks. ICloud, the iPhone and Mac desktops have all been targeted. The company has been making a big push to expand its presence in China.
Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed..