How to fix 5 common security threats on iPhone and iPad

Unfortunately, the days when Apple devices were 'immune' from various security threats have been long gone.

Although it is true that they are still safer than Android devices, that distance is rapidly shrinking. Issues like hacking photos of celebrities on iCloud, Find My Phone hijacking scams and the number of threats from increasing malware have undermined the comprehensive protection of Apple devices. .

It is more important than ever for iPhone and iPad owners to know what threats they can face and how to fix them, if the worst happens.

Today's article will tell you how to fix 5 common security threats on iPhone and iPad.

XcodeGhost

How to fix 5 common security threats on iPhone and iPad Picture 1

What is XcodeGhost?

XcodeGhost was first discovered in the fall of 2015 in China. It is based on the malicious version of Xcode (Apple's official application development tool), and developers accidentally use XcodeGhost instead of the official version of Apple to compile the application.

After that, those applications are released into the App Store, undergoing a review process of Apple's code and eventually downloaded by the end user.

Fortunately for users in Europe and North America, most of the affected applications are only located in China - although some applications (such as the popular CamCard business card scanning tool) are available in the store globally. An estimated 40 to 350 applications have been affected, according to studies. One of these applications is the very famous Angry Birds 2, although Rovio quickly released a fix.

How does it affect you?

Applications infected with XcodeGhost can collect information about the device and then encrypt and upload that data to the attacker's server. Collected data includes the application's package identifiers, device name and type, language and country, device UUID and network type.

The study also found that malware could give fake warnings to steal user information, trick open URLs and write data to a user's clipboard.

How can you fix this error?

After finding out, Apple made the following statement:

'We have removed the applications we know have been created with this counterfeit software from the App Store. We are working with developers to make sure they are using the appropriate Xcode version to rebuild their application. "

If you notice suspicious behavior when using your device, you should immediately check the list of affected applications online, then delete any compromised applications and change all your passwords.

Masque Attack

How to fix 5 common security threats on iPhone and iPad Picture 2

What is Masque Attack?

Masque Attack was discovered by US-based security company FireEye in late 2014.

This attack works by simulating and replacing legitimate applications installed on the device, for users who have downloaded a seemingly legitimate application from outside the App Store. This scam can take the form of a link to an 'updated' application in text messages, WhatsApp messages or emails.

When the link is clicked, the malware will install the malicious version of the application on the original using the iOS profile provided to the business, so the average user is almost undetectable. out it.

The detection becomes even more complicated, because both the real App Store version and the malicious version use the same package identifier.

How does it affect you?

According to FireEye, the risk is huge. Masque Attack can override email and banking applications, then steal bank information, local application's native data (such as cached emails and login tokens) and numbers The amount of confidential and private data has not been declared.

How can you fix this error?

Apple's reaction is to claim that Masque Attack is not really a threat because very few users are affected:

'We designed OS X and iOS with integrated safety protections, to help protect customers and warn them before they install potential malware. We do not know if any customers are really affected by this attack. We encourage customers to download only from reliable sources such as the App Store and pay attention to any warnings when downloading applications. '

If you're lucky not to become a victim, simply deleting the malicious application and reinstalling the official version from the App Store will fix the problem.

WireLurker

How to fix 5 common security threats on iPhone and iPad Picture 3

What is WireLurker?

Less than a month before the information about Masque Attack, Trojan Horse WireLurker was found.

Like XcodeGhost, the hacked version comes from China. It had been active for more than six months before it was discovered, and after it was discovered, it foretold "a new era of malware attacking Apple's mobile platforms and desktop computers." , follow Palo Alto Networks.

The virus was inserted into pirated Mac OS X software and then transferred to Apple devices via a USB connection. But it cannot transfer Trojan directly from this iOS device to another iOS device.

After downloading more than 415,000 times, it was noted as the biggest explosion of malware on iOS.

How does it affect you?

The attack can target both jailbroken (cracked) and non-jailbroken (not cracked).

If installed on jailbroken devices, WireLurker can use parts of the Cydia system to steal the victim's personal information, address book and phone number. It will then use Cydia to infect other applications and install additional malware.

1. Secure iPhone after jailbreak

If installed on a non-jailbroken device, the trojan will exploit the enterprise licensing system by installing an invisible security configuration in the Settings application . This will allow the application to install third-party comic apps without user consent.

How can you fix this error?

The good news is that if you run on a non-jailbroken device, this trojan is not harmful. Sadly, whether your device is jailbroken or not, the only way to eliminate the problem is to wipe your Apple device.

Before doing that, you need to make sure your Mac is not compromised, otherwise you will infect your iOS device again after reconnecting it to the computer. Thankfully, Palo Alto Networks has released a Python script to completely remove WireLurker. This script can be found on GitHub.

Link reference: https://github.com/PaloAltoNetworks/WireLurkerDetector

Once the download is complete, navigate to Settings> General> Reset on your iOS device. Select Erase All Content and Settings and restart the device. You will need to reset the device, but all WireLurker signs will disappear.

SSL Flaw

How to fix 5 common security threats on iPhone and iPad Picture 4

What is SSL Flaw?

In early 2014, a flaw in Apple's SSL (Secure Sockets Layer) code was discovered. For those who are not yet familiar with SSL, SSL is one of the technologies used to create secure connections to websites.

The problem arises from a programming error, supposedly discovered before the release of iOS 6.0. This error means that a key authentication step has been ignored, thus allowing unencrypted data to be sent over public Wi-Fi hotspots.

How does it affect you?

Because the data is not encrypted, it is easy for hackers to steal and read passwords, bank details, personal information and other important data. This information can then be used for nefarious purposes.

The problem is only apparent when using public Wi-fi points, while Wi-Fi networks are secure, encrypted, such as home and business networks, are not affected.

How can you fix this error?

If you belong to a group of people who never upgrade your operating system, you might be in trouble.

It's easy to check by navigating to Settings> General> Software Update . If you are using any version of iOS before 7.0.6, it will be a bit risky. If you have an old Apple device and can't update it to iOS 7 (eg iPhone 3GS or iPod Touch 4G), you need to make sure you're running at least iOS 6.1.6.

The problem is also obvious on Mac. You need to run at least 10.9.2. If you are using any older operating system, avoid using Safari to browse the web.

Hack Lock Screen

How to fix 5 common security threats on iPhone and iPad Picture 5

What is Hack Lock Screen?

Hack Lock Screen is nothing new. Android phones have been affected by past hacking Lock Screen and Apple devices have also discovered this in March 2013.

However, in September 2015, a new hacking method appeared on iOS devices. It will allow hackers to access your phone's iMessage application, contacts and photos without entering any verification.

The process is very simple: Enter the password incorrectly four times and after the fifth time, hold the Home button . When Siri opens, use it to open the clock. When the clock appears, press + to access the search, and from there access the data.

How does it affect you?

Only four or six-digit password-protected devices are vulnerable to attack. If you use a longer alphanumeric password, you will not be affected.

Thankfully, access is partially limited and not all iOS systems are likely to be attacked. However, people often take screenshots of personal information such as bank statement screens, flight details and various personal accounts. All of this will probably be stolen by hackers.

How can you fix this error?

There are three clear solutions.

First, you should immediately change your current password to a password that is alphanumeric. Second, you can prevent Siri from accessing the lock screen ( Settings> Touch ID & Passcode> Allow access when locked> Disable ). Finally, you should always ensure that you are running the latest version of the operating system, to fix the vulnerabilities as soon as the fixes are published.

Do you fall victim to any of the threats we mentioned in the article? Perhaps you know about some other dangerous threats other than those mentioned in the article? Let us know your opinion in the comment section below!

See more:

1. Change the following 7 iOS settings to better Safari security
2. How to set super strong iPhone password to hackers also "give up"
3. Security "security" for iPhone. How many methods do you know?