For some time now, it has been pretty much common knowledge that any iOS7 device which has been jailbroken is more vulnerable to keyloggers which are able to intercept each keystroke or touch allowing passwords and security information to be stolen. However, one security firm has now proven that even iOS devices that have not been jailbroken could be vulnerable to a similar security threat.
Earlier this month, developers from FireEye published a blog about a new monitoring app capable of recording and transmitting all touch/press events. This would include screen taps, volume button use, home button presses and even TouchID presses. The app is said to work in multiple versions of iOS including 7.0.4, 7.0.5, 7.0.6, and 6.1.x and can be installed either by exploiting weaknesses in other apps or with the help of phishing activities.
The app was created as a proof of concept and FireEye has said that they are currently working with Apple to address the issue. At present, users are able to turn off the ‘Background App Refresh’ which may offer a temporary solution. However, FireEye representatives say that since background music does not need permission to refresh, it is possible for malicious apps to masquerade as background music in order to work around this. Until such time as Apple is able to offer a reliable fix for this security flaw, FireEye is advising that all users simply stop apps from being able to run in the background using task manager.
To access the task manager, users should double tap the home button. This will show previews of any apps that are currently running – allowing users to swipe them in and out of view in order to turn off anything unnecessary or suspicious that might be running in the background on their device.
Keyloggers are taking an increasing interest in smartphones and tablet devices because so much input comes from touchscreen interfaces instead of alphanumeric keys. Recently, another security firm (Trustwave) has been able to develop a proof of concept app for both Android and jailbroken iOS devices which was able to capture screenshots showing the X and Y co-ordinates of screen taps.
News of this latest security flaw in iOS7 comes hot on the heels of Apple releasing a fix for other security issues including problems with the SSL encryption which is used in the protection of confidential data which was fixed with last week’s release of version 7.0.6 of iOS.
P.S. mSpy iPhone monitoring app brilliantly works on all iPhones.
|MOBILE & TABLET FEATURES|
|Keylogger||LINE + Tinder||Viber + Telegram|
|Hangouts + Skype||Wi-Fi Networks||Apps & Websites Blocking|