Thursday, November 13, 2014

More iOS Malware Publicly Released - Dubbed "Masque Attack"

Watch out, iUsers! Malware for iDevices is becoming more common. On the heels of last week's revelation of the WireLurker malware for Apple products comes a similar piece of malware for iOS devices, including iPhones and iPads, which FireEye Inc. discovered over the summer. This one, however, is a lot more dangerous.


In July of this year, the young security company found what it is calling a "Masque Attack" on iOS devices, which replaces user-installed applications on jailbroken and non-jailbroken iPhones and iPads running iOS 7.1.1 and later (including the 8.1.1 beta). The malware is capable of overwriting a safe application that the user installed from the App Store with a malicious version of it. The new malicious app is then capable of accessing local data from the original "safe" application, meaning that any emails, login tokens, or user data may be compromised.

The Basic Process:

  1. User downloads a safe application from the Apple App Store
  2. User is lured into downloading a new third-party application
  3. New application installs, but also modifies the "safe" application from Step 1
  4. Safe app's data is now completely accessible to the malware's perpetrators

To avoid the Masque Attack, do not download applications that don't come directly from the Apple App Store.