A major iOS security flaw reportedly threatens to expose users to keylogging, which means that hackers can log keystrokes before sending the data to a remote server. This weakness comes after the overlooked Secure Socket Layer (SSL) vulnerability allowed hackers to steal communications information like email and login credentials because Apple failed to encrypt the data. As a result, the company issued a patch last Friday which covers iPhone 4 and up, the fifth generation iPod Touch and the second generation iPad. Now, the tech giant is facing another flaw which makes it easier for hackers to spy on users.
Ars Technica was the first to announce the major iOS security flaw that supposedly threatens to expose users to keylogging. FireEye mobile security researchers carried out a study which proves that hackers can now track any touch a user makes on an iOS device, inclusive of TouchID and volume control. The proof-of-concept demonstrated that this weakness affects iOS 6.1x and 7 with all its upgrades, namely 7.0.4, 7.0.5. 7.0.6., which was released last Friday to patch another flaw dubbed GoToFail is also seemingly affected. The new iOS security flaw aims at taking advantage of background multitasking and the only way users can shield their personal data from hackers is by opening the task manager and closing any questionable apps.
FireEye collaborated with Apple and found out that the vulnerability which has been discovered can also exploit non-jailbroken iOS 7. After having created a proof-of-concept “monitoring” app which works on non-jailbroken iOS 7.0x gadgets, the team of researchers found out that the iOS security flaw allows potential hackers to use all the touch/press events that are recorded in the background and use the information “to reconstruct every character the victim inputs.”
Based on the findings, skilled hackers can make use of phishing to mislead the victim to install either a vulnerable or malicious app or even exploit another remote vulnerability of certain apps. This way, background monitoring becomes easier and users are exposed to keylogging.
How to Defend a Device Against the Threat
According to FireEye, until Apple launches a patch, the solutions which can defend devices against this possible threat are scarce. However, the major iOS security flaw which reportedly threatens to expose users to keylogging can be stalled by using the task manager that stops the apps from running in the background. iOS7 users should press the Home button twice to open the task manager and then swipe all apps up in order to disable suspicious or unnecessary applications.
Researchers also demonstrated that iOS7’s setting for “background app refresh” will not prevent hackers from getting hold of users’ personal information; disabling it could contribute to preventing the background monitoring, but it can be bypassed just like an app is able to play music in the background without activating the “background app refresh” switch.
Although FireEye does not offer details with regard to the workarounds, the team verified the iOS security flaw not only on the latest 7.0.4 version on a non-jailbroken iPhone 5s device, but also on other versions which also proved to be vulnerable. Apple representatives did not comment on this matter, which means that Ars Technica could not confirm the details FireEye provided, but the tech giant is known for not revealing issues related to the security of their devices. Until mitigating circumstances or an Apple patch are uncovered, there is no way of knowing the impact the major iOS security flaw which supposedly threatens to expose users to keylogging has on users’ personal data.
By Gabriela Motroc