More than App Store game and application storage vulnerabilities are vulnerable to hacker attacks

More than App Store game and application storage vulnerabilities are vulnerable to hacker attacks

More than 1000 apps in the Apple App Store have security vulnerabilities and are vulnerable to hacker attacks, according to a research report released by an industry-leading network security company.

A software named JSPatch used to help developers modify applications has a security vulnerability, which makes it easy to become a target for hackers. This security vulnerability is equivalent to leaving a backdoor on the device. Once hackers discover and exploit this backdoor, they can access photos, microphones, Clipboard data, and other features related to personal privacy.

 

This vulnerability was discovered by network security company FireEye. The company said 1220 apps in the Apple iOS app store may be affected.

"A cunning attacker may first write a legitimate and non-malicious application and then submit it to the Apple App Store for review. Once it passes the review and officially enters the Apple App Store, it can send illegal and malicious commands to devices ." Said Josh Goldfarb, Head of Emerging Technologies at FireEye.

The open-source tool JSPatch gives developers greater autonomy, but does not comply with the security standards apple is trying to adhere.

JSPatch is not a malware, but once its security vulnerabilities are exploited, data on your devices, or even other applications that users allow the software to access, it is very prone to illegal intrusion.

If the software can access Apple Pay or other mobile wallet, the problem will become very serious.

FireEye does not specify which applications are developed using JSPatch, But it reiterated that more than 1000 applications (or some game applications) in the Apple App Store are affected.

 

Autonavi provides some security suggestions to iOS users who are worried about malicious applications.

 

"Our suggestion is: Download only the applications you need, what you know, and what you believe ." He said, "Beware of applications that constantly send requests to you and require your approval, only those necessary requests ."

This is not the first time that security vulnerabilities have appeared in Apple's closed garden. Even so, Apple's App Store is still much safer than Google Play.

In last September, hundreds of iPhone applications were found infected with malicious XcodeGhost. This is the first big attack on the Apple App Store. Apple immediately removed several applications.

Such attacks are much more common on iOS devices that are "jailbroken.

"Attackers have been looking for ways to enter the closed garden of apple ." Said Bryce Boland, chief technology officer of FireEye.

FireEye has established partnerships with 2000 of fortune 650 companies in Forbes magazine. It predicts that malicious attacks against mobile devices will increase.

"Mobile devices are favored by attackers because their security measures are relatively weak compared with Laptops and Desktops ." "We will see more and more malicious attacks in mobile environments," said autonavi. Where there is copper smell, attackers will fly to where. Therefore, we will see more attacks against mobile devices ."