Apple responds to Masque Attack concerns, says unaware of affected users
Coming days after the discovery of an iOS vulnerability called "Masque Attack" was made public, Apple late Thursday issued a statement regarding the potentially malicious software, saying default OS X and iOS security settings are enough to thwart attacks.
In a statement provided to iMore, Apple responded to media reports propping up Masque Attack as a major threat to iOS security, which many consider to be one of the safest consumer solutions in the world.
According to computer security firm FireEye, which discovered Masque Attack earlier this year, the attack revolves around phony apps that masquerade as legitimate software, such as banking apps or finance programs. Because a phony app mimics the user interface of the program it replaces, users may be tricked into entering sensitive login information that is subsequently sent to an off-site command and control server.
Distributed through email or malicious websites, these fake apps take advantage of Apple's Enterprise provisioning system, which does not verify code signing certificates for apps that use identical bundle identifiers. To avoid downloading malicious software, users should not install apps distributed outside of the iOS App Store or secure corporate servers.
Apple has subsequently posted a support document detailing custom enterprise apps.
In a statement provided to iMore, Apple responded to media reports propping up Masque Attack as a major threat to iOS security, which many consider to be one of the safest consumer solutions in the world.
The comments are in line with AppleInsider's analysis of the threat. As reported earlier this week, Masque is not viral and can only affect users who intentionally disable default security settings and manually bypass Apple safeguards to install unsigned code.We designed OS X and iOS with built-in security safeguards to help protect customers and warn them before installing potentially malicious software. We're not aware of any customers that have actually been affected by this attack. We encourage customers to only download from trusted sources like the App Store and to pay attention to any warnings as they download apps. Enterprise users installing custom apps should install apps from their company's secure website.
According to computer security firm FireEye, which discovered Masque Attack earlier this year, the attack revolves around phony apps that masquerade as legitimate software, such as banking apps or finance programs. Because a phony app mimics the user interface of the program it replaces, users may be tricked into entering sensitive login information that is subsequently sent to an off-site command and control server.
Distributed through email or malicious websites, these fake apps take advantage of Apple's Enterprise provisioning system, which does not verify code signing certificates for apps that use identical bundle identifiers. To avoid downloading malicious software, users should not install apps distributed outside of the iOS App Store or secure corporate servers.
Apple has subsequently posted a support document detailing custom enterprise apps.
Comments
8.1.1 in a week or so to make this moot.
How will 8.1.1 keep from circumventing the enterprise provisioning profiles?
The media, the researchers and the government are trying to make this something that it is not.
Blowing this into something it's not does not help anyone.
Apple makes a good point in asking where are the affected users.
The media, the researchers and the government are trying to make this something that it is not.
Blowing this into something it's not does not help anyone.
Hah, I think this is too funny, It's not just Apple, things like this are always blown out of proportion, I have never had a single virus or malware on any of my devices but if you believe some of these articles out there, like many on this board do, you would think that PC's and Android devices are all riddled with them. Simply not true, those that follow proper security should allows be safe.
Hah, I think this is too funny, It's not just Apple, things like this are always blown out of proportion, I have never had a single virus or malware on any of my devices but if you believe some of these articles out there, like many on this board do, you would think that PC's and Android devices are all riddled with them. Simply not true, those that follow proper security should allows be safe.
Huh, I had PCs and needed to wipe my HDD a few times because of virus. Just you didn't get it doesn't make it unreal. Asks Microsoft why do they always provide security updates every couple of weeks if there's no such a danger.
Sheesh. I hate this revisionist. Just because Apple system is significantly safer, now all security flaws in other's OS are all imaginative. Talks about head in the sand.
Really would appreciate the help here. My searches, from an iPad, do not look promising. I have a scheduled call with Apple, but in the past they never seem to know much. They play the beginner game... "Unplug your computer" "plug it back in" "repair permissions".
I truly would appreciate the help from someone who actually knows what it is.
Thank you in advance.
I find it difficult to only use the App Store for software downloads. There are a lot of good apps that for one reason or another are not available there. Carbon Copy Cloner, Indigo (home automation), CrushFTP, various Tivo interface apps, printer software and so on are not on the App Store. I also have things that use Java which I know plenty of people think is a terrible, but I don't really have a choice in the matter. I can complain to the developers and device manufacturers, but I'm pretty sure that falls on deaf ears.
None of which has anything to do with iOS.
I could tell unsophisticated Mac users to limit their software downloads to the App Store but I'm pretty sure that falls on deaf ears.
Speaking of issues, anyone know what the deal is with us-ore-00001.s3.amazonaws.com is?
It's one of the cloud storage services Apple uses for the App Store and iTunes Store.
Amazon, Google, and MSFT are so desperate to compete with one another for the storage business that it's practically free.
All (or most) of the exploits are still there. The worst ones are the ones that can be done with a simple USB drive that Jain breaks
You are far too intelligent for this. The web hacks imply that you are willfully doing it, by yourself, with your own actions. This is simply a public way to show people how to hack into someone else's phone when they put it down (if they are showering or something).
I can personally attest that an iPhone, iPad, or Mac can be hacked. Just search for something that will do it. If you have enough money you can buy the program where you only need to plug in a USB drive for a few seconds. It will be jail broken, linked and done in under a minute with physical access and you will not be able to see. I suppose if you are a loner (certainly not saying you are) it's not an issue however.
God bless! ????
In other news, if a complete stranger asks to borrow your iPhone for 24 hours and also asks that you provide them with your iPhone passcode and your iCloud password then it's possible that you may be exposing yourself to theft, hacking, identity theft, or a privacy invasion. Be on guard for this attack until Apple patches iOS.
I could be wrong, but a computer that has never seen Amazon shouldn't even show this. It only showed up after Yosemitee. It's a 2012 Mac Mini. Also, when I earlier mentioned that my search results didn't look promising, it was because it has apparently been a Windows Malware issue since Vista. Seriously. I didn't want to bring up a competitor because usually on this site you get ignored or banned.
I actually did spend a few hours looking into it before I posted here. The computer is out of warranty, the apple support page I posted the issue to was responded to by an Apple Employee with a link to have an Apple Rep call me.
I think we are supposed to follow the white rabbit.
I don't understand pro-jailbreak community especially people becoming upset that Apple patches the vulnerabilities.
Notably, Google Android considers the option to install malicious, rogue apps a feature. Which is it; a vulnerability or a feature or is this entirely dependent upon which system is in discussion?
I could be wrong, but a computer that has never seen Amazon shouldn't even show this.
If you use iTunes, your computer has "seen" Amazon since AWS is one of the storage facilities hosting iTunes music. Another one you might see is Microsoft's data center services. As far as I know Apple has never used Google's cloud services.
It's normal. Don't worry about it.
Huh, I had PCs and needed to wipe my HDD a few times because of virus. Just you didn't get it doesn't make it unreal. Asks Microsoft why do they always provide security updates every couple of weeks if there's no such a danger.
Sheesh. I hate this revisionist. Just because Apple system is significantly safer, now all security flaws in other's OS are all imaginative. Talks about head in the sand.
From a technical point of view, Android's system lies somewhere between OS X and iOS -- its method of restricting app installations by default is virtually identical to Gatekeeper on OS X, and unlike OS X it sandboxes all apps, not just apps from the app store. The main feature that sets iOS apart from either Android or OS X is that iOS essentially requires all apps to be approved by Apple, either directly through the App Store review process, or indirectly if they are installed using a temporary developer certificate. It's not really intended to be programmed like a traditional computer since everything the end user installs using a developer certificate will stop working once the certificate expires.
Speaking of issues, anyone know what the deal is with us-ore-00001.s3.amazonaws.com is? First time I'm asking for help. Little snitch is reporting it and it wants to update every 21 sec or less. This is on a computer that has really only contacted the iTunes Store, it's a media center only computer.
Really would appreciate the help here. My searches, from an iPad, do not look promising. I have a scheduled call with Apple, but in the past they never seem to know much. They play the beginner game... "Unplug your computer" "plug it back in" "repair permissions".
I truly would appreciate the help from someone who actually knows what it is.
Thank you in advance.
Try G4Monster's tip
P.S. Let us know if it works.
I find it difficult to only use the App Store for software downloads. There are a lot of good apps that for one reason or another are not available there.
The article is referring to the iOS app store in iTunes, not the MacOS App Store. The point is you have to have jailbroken your iPhone to even install one of the miscreant apps.
"choosing to "Trust" app installs that iOS identifies as being from an "Untrusted App Developer." . In other words supposed enterprise apps, something not at all uncommon for users of iOS in business environments. Apple makes it very easy to do too. It doesn't mean that iOS users should be concerned, just aware.
http://appleinsider.com/articles/14/11/10/wirelurker-masque-attack-malware-only-a-threat-for-users-who-disable-apples-ios-os-x-security