All Apple news

Dozens of popular iOS apps are still vulnerable to interception of user data

In February of this year, the information security specialist Security Group Sudo will Strapac found that some popular iOS apps that encrypt user information, do it improperly. It was about 76 applications for iPhone and iPad vulnerable to attack allowing to intercept data. It turned out that after three months the majority of the affected application, including mobile banking, and did not get rid of security holes.

Strapac explained that a few dozen applications, including banking and medical, contain a dangerous vulnerability. Due to errors in the data transmission code of the programs can make invalid TLS certificates. TLS is used to protect the data transmitted by the application through an Internet connection. Without it, a hacker can listen to the traffic and without the knowledge of the user to intercept any data of interest, for example, logins and passwords.

It is logical to assume that after this discovery, the developers will undertake the fix for the bug. Some of them actually took action, for example, HipChat and Foxit. However, most have not escaped from this vulnerability.

The majority of applications, storing important personal information, it is still susceptible to hacking. Including banking Emirates NBD customers, 21st Century Insurance, Think Mutual Bank and Space Coast Credit Union. Among the vulnerable is also provided of the web Dolphin browser, the app for diabetics Diabetes in Check, and program allowing a resident of Indiana to participate in the voting.

“Such attacks can carry anyone in range of a wireless Wi-Fi network, while you use your device. Attack is possible in public places or even at your home if the attacker manages to get close enough”, – said Strapak.

Read also:   Poll: do you buy the "smart" column with the HomePod?

While there is no evidence that hackers use personal user data, though it hardly justifies the omission of developers. In total, according to the expert, 76 of the studied apps have been downloaded 18 million times. Users of vulnerable programs Strapac recommends avoiding public Wi-Fi networks and only use the mobile Internet.

Leave a Reply

Your email address will not be published. Required fields are marked *