November 24, 2024
New Vulnerability Discovered in iOS That Makes It Susceptible to Keylogging

New Vulnerability Discovered in iOS That Makes It Susceptible to Keylogging

Posted February 25, 2014 at 4:29pm by iClarified
A new vulnerability has been discovered in iOS that makes it susceptible to malicious keylogging or touchlogging.

FireEye reports that they've found approaches to bypass Apple's app review process effectively and exploit non-jailbroken devices. It appears that they were able to get their test app onto the App Store and now, according to the company, "We have been collaborating with Apple on this issue."

We have created a proof-of-concept "monitoring" app on non-jailbroken iOS 7.0.x devices. This “monitoring” app can record all the user touch/press events in the background, including, touches on the screen, home button press, volume button press and TouchID press, and then this app can send all user events to any remote server, as shown in Fig.1. Potential attackers can use such information to reconstruct every character the victim inputs.


The vulnerability is present in iOS 7.0.4, 7.0.5, 7.0.6, and 6.1.x. An attacker would need to misled customers into installing their app or they could exploit a remote vulnerability of another app and then conduct the background monitoring of their users.

Apple has yet to comment on the matter. Please follow iClarified on Twitter, Facebook, or RSS for updates.

Read More [via ArsTechnica]


New Vulnerability Discovered in iOS That Makes It Susceptible to Keylogging


Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
iClarified Icon
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Yes
No
Comments (8)
You must login or register to add a comment...
King Rollo
King Rollo - February 26, 2014 at 5:41am
Turn the phone upside down and will it work?
Pigstacho
Pigstacho - February 25, 2014 at 9:36pm
Sure, iOS is really secure...
gamerscul9870
gamerscul9870 - February 25, 2014 at 10:46pm
In the future, 100%.
ratGT
ratGT - February 26, 2014 at 7:57am
@pig ---- And this is coming from? A user who's application store of his mobile OS includes antivirus and antimalware software?
dribble
dribble - February 25, 2014 at 6:15pm
So just use Siri to dictate. No keys pressed means no keys to log!
Tworok
Tworok - February 25, 2014 at 5:32pm
No it simply states that they did it to non jailbroken devices. So in turn make it simpler on the jailbroken ones
Iosjuggalo
Iosjuggalo - February 25, 2014 at 5:27pm
If I'm reading this correctly, is this article saying Jailbroken devices are immune? Since it specifically states "non Jailbroken". If so cool & Ironic since some say - jail breaking makes your device insecure.
gamerscul9870
gamerscul9870 - February 25, 2014 at 9:07pm
Exactly why jb is like asking for more than it is good enough where it is.
Recent. Read the latest Apple News.
RECENT
Tutorials. Help is here.
TUTORIALS
Where to Download macOS Sequoia
Where to Download macOS Ventura
AppleTV Firmware Download Locations
Where To Download iPad Firmware Files From
Where To Download iPhone Firmware Files From
Deals. Save on Apple devices and accessories.
DEALS