Apple issues statement on Masque Attack, says it’s not aware of any affected users

A couple of days ago, researchers discovered a new security flaw that could allow unsuspecting users into installing dangerous malware, however, it looks like that Apple broke its silence regarding Masque Attack, a recently discovered vulnerability in iOS. In a statement to iMore, the company says it encourages customers to only download apps from trusted sources and that it’s not currently aware of any users affected by the exploit.
Research security FireEye announced its discovery of Masque Attack on Monday. The malware installs itself through a phishing link disguised as a new app or game, and then masquerades as a legitimate app. Once installed, it can access login credentials, credit card info and more.

Here’s Apple’s full statement:
“We designed OS X and iOS with built-in security safeguards to help protect customers and warn them before installing potentially malicious software,” an Apple spokesperson told iMore. “We’re not aware of any customers that have actually been affected by this attack. We encourage customers to only download from trusted sources like the App Store and to pay attention to any warnings as they download apps. Enterprise users installing custom apps should install apps from their company’s secure website.”
Thanks to its oft-criticized “walled garden” approach to application installs, iOS has earned a reputation for being fairly secure. Masque Attack, however, takes advantage of a provisioning flaw in the operating system, which we are expecting to be patched in the upcoming iOS 8.1.1 release.

So what do you think ? 


blog comments powered by Disqus
Octofinder Blog Catalog