Apple devices under 'masque attack' threat: Cyber agency
New Delhi, Nov 18: Cyber security sleuths have alerted users of 'Apple' iphones and ipads against a lurking "masque attack" on their devices that could compromise gadget safety and steal sensitive private information.
In its latest advisory to the users, the Computer Emergency Response Team-India (CERT-In) said, a vulnerability has been reported in Apple iOS which allows any iOS application that is installed using enterprise or ad-hoc provisioning to replace any legitimate iOS application installed through the App Store with any other malicious application.
"This attack is also known as 'Masque Attack' technique against Apple iOS. Successful exploitation of this vulnerability could allow remote attacker to steal sensitive information from the device, monitor user activities, gain root privileges on the device and launch further attacks," the CERT-In advisory said.
The CERT-In is the nodal agency to combat hacking, phishing and to strengthen security-related defences of the Indian Internet domain. The iOS is the backbone of all operations and apps in various Apple gadgets like iphones, tabs and ipads.
Apple has already asked users to download applications and other information from trusted sources only. This vulnerability, the agency said, is caused due to iOS not properly enforcing and matching of certificates for apps (applications) with the same identifier.
"A remote attacker could exploit this vulnerability by tricking the victim into installing an application from a source other than the iOS App store or their organisations provisioning system. Attacker could then utilise this application to replace other legitimately installed applications, except iOS preinstalled applications, with any malicious application that uses the bundle identifier of the legitimate application thus bypassing the App Store review process," it said.
The agency called it a "high" rated threat and said it could affect various versions of the Apple iOS. The cyber security agency has also suggested some counter-measures in this regard.
"Don't install apps from third-party sources other than Apple's official App Store or your own organisation, don't click 'install' on a pop up from a third-party web page, carefully read iOS notification while opening applications and if iOS shows an 'untrusted App Developer' alert click on 'don't trust' and uninstall the application immediately," it recommended.
PTI
-
Bangalore Gold Silver Rate Today, March 9, 2026: Gold and Silver Prices Fall as US Dollar Strengthens -
Vijay-NDA Alliance On Cards? Pawan Kalyan Reportedly Reaches Out to TVK Chief -
Who Was Mojtaba Khamenei’s Wife Zahra Haddad-Adel and What Do We Know About Her? -
Who Is Aditi Hundia? Viral ‘Girl in Red’ & Ishan Kishan's Girlfriend Spotted During IND vs NZ Final -
Hyderabad Gold Silver Rate Today, 9 March 2026: Latest 24K, 22K Gold And Silver Rates In City -
Kerala Election 2026 Date: When Can You Expect EC To Announce Key Dates of Voting & Counting? -
Chennai MRTS Velachery–St Thomas Mount Line Opening on March 10 Faces Delay; Direct Beach Route to Start Later -
Mumbai Water Supply Cut For 24 Hours: Check Dates, Timings & Areas Affected by BMC Maintenance Disruption -
Hardik Pandya and Girlfriend Mahieka Sharma’s Celebration Video Goes Viral After India’s Win -
Bengaluru Hotels to Shut From Tomorrow March 10 as Commercial LPG Supply Stops -
Trisha's Net Worth: How Rich Is Thalapathy Vijay's Rumoured Girlfriend? -
Pune Electrician Arrested After Viral Video Shows Him Raising ‘Pakistan Zindabad’ Slogans, Watch
Click it and Unblock the Notifications
Sign in with Google