Apple is breakable


Apple has always boasted about its closed, walled security, to the point of advising Android users on staying safe online without checking its own backyard. Malware attacking iOS has been reported before, but in far smaller numbers than on Android. That may change as iOS gains global acceptance and holds a bigger share of the handheld market than it did a few years ago.

The same has been confirmed by Skycure Security, which has found a way to break Apple's security. The sandbox feature makes it harder for attackers to inject malware into Apple's App Store; it is a must-have feature that Android could adopt to keep Google Play free of malware.

Technicalities:-

iOS profiles, also known as mobileconfig files, are used to configure system-level settings of iOS along with various service settings such as VPN and Wi-Fi. But the same files can be used to bypass Apple's security.

Method:-

A malicious profile could be used to remotely control mobile devices, monitor and manipulate user activity and hijack user sessions. In addition to being able to route all of the victim’s traffic through the attacker’s server, the attacker can also install root certificates on victims’ devices. This makes it possible to seamlessly intercept and decrypt SSL/TLS secure connections, on which most applications rely to transfer sensitive data.

Scenarios:-

  1. Victims browse to an attacker-controlled website, which promises them free access to popular movies and TV-shows. In order to get the free access, “all they have to do” is to install an iOS profile that will “configure” their devices accordingly.
  2. Victims receive a mail that promises them a “better battery performance” or just “something cool to watch” upon installation.

And with that, your Apple device is infected by malware.

Precautions to be taken:-

  1. You should only install profiles from trusted websites or applications.
  2. Make sure you download profiles via a secure channel (e.g., use profile links that start with https and not http).
  3. Beware of non-verified mobileconfigs. While a verified profile isn’t necessarily a safe one, a non-verified one should certainly raise your suspicion.
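
One way to apply these precautions before installing a profile, as an added example that is not from Skycure or the original post: a Python check that reads a mobileconfig file and reports whether it is signed and whether it carries the root-certificate, VPN or proxy payloads described under Method. The function name audit_profile, the RISKY_PAYLOADS table and the sample profile are assumptions made for illustration; the signed check only detects the CMS wrapper and does not verify the signature.

```python
import plistlib

# Payload types matching the capabilities described under "Method".
RISKY_PAYLOADS = {
    "com.apple.security.root": "installs a root CA certificate (enables TLS interception)",
    "com.apple.security.pkcs1": "installs a certificate",
    "com.apple.vpn.managed": "routes traffic through a VPN server",
    "com.apple.proxy.http.global": "routes HTTP traffic through a proxy",
    "com.apple.apn.managed": "changes the cellular APN/proxy",
}

def audit_profile(data: bytes) -> dict:
    """Return the signing status and risky payloads of a .mobileconfig file."""
    # Signed profiles are wrapped in a CMS (DER) envelope, which starts with
    # the ASN.1 SEQUENCE byte 0x30; unsigned ones are a bare plist.
    signed = data[:1] == b"\x30"
    if signed:
        # Heuristic: locate the embedded XML plist. The signature is NOT verified.
        start, end = data.find(b"<?xml"), data.rfind(b"</plist>")
        if start < 0 or end < 0:
            raise ValueError("no embedded plist found")
        data = data[start:end + len(b"</plist>")]
    profile = plistlib.loads(data)
    findings = []
    for payload in profile.get("PayloadContent", []):
        ptype = payload.get("PayloadType", "")
        if ptype in RISKY_PAYLOADS:
            findings.append((ptype, RISKY_PAYLOADS[ptype]))
    return {"name": profile.get("PayloadDisplayName"), "signed": signed, "findings": findings}

# Constructed sample profile (not a real one): unsigned, with three payloads.
SAMPLE = plistlib.dumps({
    "PayloadType": "Configuration",
    "PayloadDisplayName": "Constructed Sample Profile",
    "PayloadIdentifier": "example.invalid.profile",
    "PayloadContent": [
        {"PayloadType": "com.apple.security.root", "PayloadContent": b"placeholder"},
        {"PayloadType": "com.apple.vpn.managed", "UserDefinedName": "Example VPN"},
        {"PayloadType": "com.apple.wifi.managed", "SSID_STR": "ExampleNet"},
    ],
})

if __name__ == "__main__":
    print(audit_profile(SAMPLE))
```

An unsigned profile that also installs a root certificate or redirects traffic matches both warning signs from the list above and should not be installed.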

Source:- SkycureSecurity
