Share

Related Stories

  • Jailbreak for Apple iOS 7 Released – But Beware
    A jailbreak for any new iOS operating system is always to be expected; but the group that delivered the iOS 6 jailbreak has surprisingly released a full iOS 7 untethered jailbreak just in time for Christmas. However, succumbing to common software pressures, it may have been a bit rushed. Be careful; it's buggy and installs a Chinese app store.
  • Apple iOS Apps Found to Have a Common Hijacking Vulnerability
    A flaw impacting Apple iOS-based apps has been discovered that, if exploited, could allow an attacker to hijack the server URL from which mobile applications load their data, replacing the served data with his own content.
  • New iOS 7 Flaw Thwarts 'Find My iPhone' Feature
    A fresh Apple iOS 7 bug has been uncovered, which would allow a remote attacker shut down the “find my iPhone” functionality that allows users to remotely wipe stolen or lost phones.
  • Apple iOS7 features yet another lock-screen bypass
    Less than a week after Apple unveiled the beta version of Apple iOS7 at its annual World Wide Developers Conference (WWDC) confab, an enterprising tech-head has managed to bypass its screen-lock security.
  • Fake iTunes updates demolish the idea that Apple iOS is secure
    The long-held belief that the Apple iOS platform is inherently secure due to Apple’s walled garden approach to software has been holed once again, this time by a security firm that has developed a method of sending Fake iTunes and Flash updates to iPhone and iPad users.

Top 5 Stories

News

New Malware Records Everything You Do on Your iPhone

31 January 2014

Everyone typically beats up on Android for posing a security risk, with its third-party app stores and Google’s open access policies. But Apple iOS is not entirely above the fray, as a new proof-of-concept (PoC) “screenlogging” malware shows.

Neal Hindocha, a senior security consultant for Trustwave, is planning to demonstrate a PoC malware at the upcoming RSA Conference in San Francisco that goes beyond keylogging to record absolutely every interaction that a person has with his or her iPhone or iPad. It monitors finger-swipes on the touchscreen while taking screenshots, so a criminal would know what the user is doing and with what app.

Parsing that information would be very labor-intensive for a would-be hacker, so the malware is inappropriate for use at scale. But, it could be used for very targeted, small-batch campaigns, such as lifting a specific person’s online banking credentials, or capturing VPN log-in details for corporate espionage purposes. It could even be used to glean log-in details for free Netflix video streaming, or Facebook hijacking – useful for suspicious spouses and concerned parents alike.

The idea was hatched as Trustwave was researching the evolution of financial malware on the Windows platform, Hindocha told Forbes. The finance vertical is beginning to combat keylogging trojans with new types of password approaches, prompting Hindocha to consider corresponding information-capture strategies. Appropriate given the rise of mobile banking, he decided to see how new methods could play out on smart devices.

It records the X and Y axis of a touch on the screen, and then plots the location onto the screenshot. He told Forbes that it can also be programmed to only capture information when users are in a specific app – culling the data a hacker needs to sift through and also improving the targeting capabilities.

Hindocha hopes to bring attention to this potential threat vector with his research. But if a savvy cybercriminal decides to replicate the idea, most of Appleheads need not worry too much, because Apple’s walled-garden approach holds up: the malware only works on jailbroken iOS devices. However, it does work on Android too.

This article is featured in:
Application Security  •  Data Loss  •  Identity and Access Management  •  Industry News  •  IT Forensics  •  Malware and Hardware Security  •  Wireless and Mobile Security

 

Comments

Borderline_ADD says:

05 February 2014
It only works on jailbroken iPhones? Looking at your headline and looking at where in the article you revealed that crucial detail makes me ashamed on your behalf.

Note: The majority of comments posted are created by members of the public. The views expressed are theirs and unless specifically stated are not those Elsevier Ltd. We are not responsible for any content posted by members of the public or content of any third party sites that are accessible through this site. Any links to third party websites from this website do not amount to any endorsement of that site by the Elsevier Ltd and any use of that site by you is at your own risk. For further information, please refer to our Terms & Conditions.

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×