FireEye Uncovers Background Monitoring Security Hole in iOS 7
According to a new post on the blog of FireEye, a threat prevention platform provider, their mobile security researchers have discovered ways to bypass Apple’s app review process effectively and exploit vulnerabilities in iOS 7 through background monitoring mobile applications.
In the post FireEye states “We have created a proof-of-concept ‘monitoring’ app on non-jailbroken iOS 7.0.x devices. This ‘monitoring’ app can record all the user touch/press events in the background, including, touches on the screen, home button press, volume button press and TouchID press, and then this app can send all user events to any remote server. Potential attackers can use such information to reconstruct every character the victim inputs.”
The blog post goes on to note that the demo exploits the latest 7.0.4 version of iOS system on a non-jailbroken iPhone 5s device. In addition, FireEye verified that the same vulnerability also exists in iOS versions 7.0.5, 7.0.6 and 6.1.x. “Based on the findings,” the post concludes, “potential attackers can either use phishing to mislead the victim to install a malicious/vulnerable app or exploit another remote vulnerability of some app, and then conduct background monitoring.”
A link to the FireEye blog post and company site can be found here.