iOS permeable to a technical problem of phishing

An application developer has discovered a vulnerability in the mobile operating system of Apple, which allows you to enable the popup window prompting to enter the password of the user account.

Pirates ill-intentioned could use this vulnerability to steal account ids Apple.

Perfect copy of the input window

This is the window that opens when a download in the Appstore, or an app requires you to enter the password for your Apple id. In an article published on his blog on 10 October, Felix Krause, a developer on iOS, reveals to have discovered a vulnerability that allows to recreate the same this famous popup window. A vulnerability that could unfortunately be used to steal account credentials Apple.

In his demonstration, Felix Krause explains, comparison photos to the support, to be able to imitate to perfection the window official who asked to enter his / her password. The developer refuses to deliver the source code, but it suggests a mind ill-intentioned could perfectly apply this discovery to the attempts of phishing that would have the greatest chances of success.

A password that is requested very often

Felix Krause explained that in effect, iOS application very often to the user’s iTunes password, this is for updates to the operating system or applications, when the installation hangs during the process. The demands are many, many users fill up without too much attention to the password box every time iOS invites. The greatest risk lies when the window appears in the applications themselves, as is the case with iCloud, GameCenter or in app purchases in some apps. It is in this kind of context, the phishing would be more likely to succeed, so the deception would be difficult to detect.

Felix Krause book all the same an effective method to raise a doubt : press the home button of his iPhone or his iPad when the window to input the iTunes password appears. If the app closes, as well as the popup window, it is that you are faced with an attempt of phishing.

  • Gmail : new ergonomics for the app on iOS and Android
  • Launch of iOS 11 : what are the new features ?
  • Apple : you can broadcast your screen, iPhone live iOS 11
  • Apple unveils iOS 11 and its new features
  • An AI learns to play Mario by curiosity
  • Amazon : its biosphere giant images (#rediff)

Modified 12/10/2017 at 16: 05

Share
The Stopru