US government warns on
bug in Apple’s iOS software
The US government warned iPhone and iPad users on Thursday to be on the alert for hackers who may exploit a vulnerability in Apple’s iOS operating system that would enable them to steal sensitive data.
There was the
potential for hacks using a newly identified technique known as the “Masque
Attack,” the government said in an online bulletin from the National
Cybersecurity and Communications Integration Center and the U.S. Computer
Emergency Readiness Teams.
The network security
company, FireEye, disclosed the vulnerability behind the “Masque Attack”
earlier this week, saying it had been exploited to launch a campaign dubbed
“WireLurker” and that more attacks could follow.
Hackers could
potentially steal login credentials, access sensitive data stored on iOS devices
and remotely monitor activity on those devices, the government said.
Such attacks could be
avoided if iPad and iPhone users only installed apps from Apple’s App Store or
from their own organizations, it said.
Users should not click
“Install” from pop-ups when surfing the web. If iOS flashes a warning that says
“Untrusted App Developer,” users should click on “Don’t Trust” and immediately
uninstall the app, the bulletin said.
Representatives of
Apple could not immediately be reached for comment.
Reuters