Turns out you may not be quite as safe on your iPhone, iPad and Mac computer as you thought you were. A group of security researchers from Indiana University, Peking University and Georgia Institute of Technology have discovered zero-day vulnerabilities in iOS and OS X that would permit a hacker to steal a user’s personal data among other things. Their paper is entitled: Unauthorised Cross-App Resource Access on MAC OS X and iOS.
In it, they demonstrate how it’s possible for someone to bypass Apple’s app vetting process and upload malware onto the App Store and the Mac App Store. Once a user installs this nefarious piece of code, the hacker can use the malware to steal the person’s Apple passwords including passwords contained in other keychains such as Google’s Chrome web browser.
According to the researchers, they had informed Apple of these weaknesses back in October of last year and although Apple said they would have these resolved in 6 months, the loop holes continue to exist in latest editions iOS and OS X. This is certainly a major concern for iOS 9 and OS X El Capitan users.
To outline the severity of this issue and just how widespread it is, the paper mentions that a staggering 88% of apps they tests were potentially vulnerable.
Caution is advised when purchasing and or downloading software applications from unknown sources. This is just another example of how the myth that Apple products don’t get viruses is a very dangerous one. Be sure to download and install some quality anti-virus application and update your existing anti-virus software. All power to the firewall!
