Security researchers have found a vulnerability in latest version of iOS 7 which could allow attackers to record users’ touch / tap events on non-jailbroken iDevices including iPhone 5S. Researchers have created a proof-of-concept app that successfully bypassed Apple’s app review process.
Researchers over at FireEye have claimed that the vulnerability is present in iOS 6.1.x, iOS 7.0.4, iOS 7.0.5 and even in iOS 7.0.6, which was released just before a few days.
Background monitoring mobile apps that monitor users’ activities on the iDevice can easily be installed on jailbroken iOS devices from third-party app stores; however, there have been no known instances of such apps being able to bypass Apple App Store review process. FireEye claims that they were able to create one such proof-of-concept “monitoring” app for jailbroken non-jailbroken iOS 7.0.x devices that bypassed the review process. [Thanks to our reader tornacious for pointing this out]
“This “monitoring” app can record all the user touch/press events in the background, including, touches on the screen, home button press, volume button press and TouchID press, and then this app can send all user events to any remote server,” claims FireEye.
Researchers warn that attackers could employ phishing or misleading tactics to get the user to install the ‘monitoring’ app on their devices.
However, all is not lost and FireEye claims that disabling unnecessary app’s background refresh could help in preventing such potential background monitoring. FireEye says that attackers can even bypass this, but until Apple releases an update to patch this vulnerability, the “only way for iOS users to avoid this security risk is to use the iOS task manager to stop the apps from running in the background to prevent potential background monitoring.”
To access the task manager, iOS 7 users can double press on the Home button. This will show preview screens of apps that are currently open. Users can swipe an app up to disable unnecessary and suspicious applications.
Hey Ravi:
“…there have been no known instances of such apps being able to bypass Apple App Store review process.”
You mean get through the App Store review process? There is no bypassing for non-jailbroken devices.
“FireEye claims that they were able to create one such proof-of-concept “monitoring” app for jailbroken iOS 7.0.x devices that bypassed the review process.”
You mean “…for NON-jailbroken iOS 7.0.x devices…”, right?
Please clarify this, because as it stands now the article is very misleading.