To carry out attacks on mobile Apple devices, attackers can use the application package Masque Attack to create fake apps Facebook, Twitter and WhatsApp. The experts at FireEye revealed details about the attack on the ongoing in Las Vegas Black Hat conference.
Researchers became aware of Masque Attack after analysis of the documents, leaked to the recent hacking Hacking Team. As it turned out, all the major mobile operating systems, including iOS, Android, Windows and BlackBerry, were the order of the Italian producer of spyware. Experts found the program Remote Control System designed specifically for hacking the iPhone and iPad.
Log files Hacking Team indicate that the company had the option to send “inaccessible to the public” versions of malicious applications, unofficial versions of programs that steal confidential information and upload it to a remote server.
Moreover, experts found an application that allows you to remotely manage iOS devices without jailbreak after downloading from the server application package Masque Attack, says Securitylab. In each programme provides a control panel that allows you to change its “behavior”.
After the attack on iPhone and iPad the malicious following data:
- Call recording in Skype, Wechat, etc.
- Correspondence Skype, WhatsApp, Facebook Messenger etc.
- The History Of Chrome.
- Phone calls.
- Track user movement in the background.
- Contact information.
All applications Masque Attack are collected again the mobile version of the popular social platforms, among which Facebook, Twitter, WhatsApp and Skype. They exploit vulnerabilities in iOS. Applications missing digital certificate, so their installation users must bypass the warning notice. The vulnerability was closed by Apple in the iOS 8.1.3 update.