ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    iOS Masque Attack

    Scheduled Pinned Locked Moved IT Discussion
    applesecurityswisscheeseios
    15 Posts 6 Posters 3.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller
      last edited by

      Basically it looks like this requires a really stupid user both to click a link that is a phishing attack as well as not notice that Gmail is being replaced as well as have the Gmail app installed already. Is that all true? Seems like a very scary attack but for a very limited audience.

      1 Reply Last reply Reply Quote 0
      • Reid CooperR
        Reid Cooper @scottalanmiller
        last edited by

        @scottalanmiller said:

        So is Gmail as an app the only target? I have Gmail on the iOS email client.

        From the article it looks like it can steal data from nearly any third party app, but not the Apple apps. So normal users would have no risk to email, messaging or web browsing. It would be things like Facebook that would be at risk.

        1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller
          last edited by

          But it needs the same bundle identifier? Does that mean that they have to make a guess as to what you have installed in order to action the attack? Like they guess that you have Facebook Messenger installed, so they use its bundle identifier? Then, if you do actually have it, it replaces it and if you don't, if fails and you are safe?

          1 Reply Last reply Reply Quote 0
          • Reid CooperR
            Reid Cooper
            last edited by

            I think so, that is how I read it.

            1 Reply Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller
              last edited by

              Not too much risk for businesses then, really focused on end user data.

              Reid CooperR nadnerBN 2 Replies Last reply Reply Quote 0
              • Reid CooperR
                Reid Cooper @scottalanmiller
                last edited by

                @scottalanmiller said:

                Not too much risk for businesses then, really focused on end user data.

                Seems that way.

                1 Reply Last reply Reply Quote 0
                • nadnerBN
                  nadnerB @scottalanmiller
                  last edited by

                  @scottalanmiller said:

                  Not too much risk for businesses then, really focused on end user data.

                  Isn't that 90% of apples clientele?
                  Seriously though, I don't actually know but I figure that a good portion of Apples users would fall for it mainly because of the "Macs are immune to this crap" type of mentality.

                  thanksajdotcomT JaredBuschJ 2 Replies Last reply Reply Quote 1
                  • thanksajdotcomT
                    thanksajdotcom @nadnerB
                    last edited by

                    @nadnerB said:

                    @scottalanmiller said:

                    Not too much risk for businesses then, really focused on end user data.

                    Isn't that 90% of apples clientele?
                    Seriously though, I don't actually know but I figure that a good portion of Apples users would fall for it mainly because of the "Macs are immune to this crap" type of mentality.

                    I can see that...

                    1 Reply Last reply Reply Quote 0
                    • JaredBuschJ
                      JaredBusch @nadnerB
                      last edited by

                      @nadnerB said:

                      Isn't that 90% of apples clientele?
                      Seriously though, I don't actually know but I figure that a good portion of Apples users would fall for it mainly because of the "Macs are immune to this crap" type of mentality.

                      No. They will fall for it because they clicked on a get this app free link.

                      General end users have no clue that one system is more secure than another. That only comes in to play in the more technical circles.

                      nadnerBN 1 Reply Last reply Reply Quote 2
                      • nadnerBN
                        nadnerB @JaredBusch
                        last edited by

                        @JaredBusch said:

                        No. They will fall for it because they clicked on a get this app free link.

                        General end users have no clue that one system is more secure than another. That only comes in to play in the more technical circles.

                        Very true.

                        1 Reply Last reply Reply Quote 0
                        • 1 / 1
                        • First post
                          Last post