Mobile Malware - Masque - The Latest Malware Threat To iOS Devices
Mobile malware has been around for a long time now but lately things have taken a turn for the worse as multiple threats to iOS devices have surfaced. It also appears that Android-based smartphones and tablets could also be affected because of the introduction of the new Lollipop operating system. No longer do we need to worry solely about the worst Malware threats for Desktop.
Organisations that embrace enterprise mobility are particularly at risk from the latest malware villains which attack the enterprise provisioning feature. While those businesses that use MDM or EMM will be safe, those without such protection risk having data stolen and are wide open to infection.
The latest malware threat is called, “Masque”. An iOS app installed using the operating system’s ad-hoc provisioning feature is usually targeted or Masque just replaces a genuine app downloaded via the Apple App Store. There is however, one key aspect; both apps have to use the same bundle identifier. For instance, an in-house mobile program could use an app’s actual name to trick the user into installing Masque and it’s at this point that the genuine software is substituted for the malware. This could potentially impact on every application that does not come on iPads and iPhones.
Once successfully installed, Masque makes it possible for hackers to lift information from any app that it replaces. Think about the implications; if the user unwittingly downloads Masque in place of a banking app, all their stored data and future information will be at risk. Hackers would have access to login passwords, banking credentials, emails etc. The attacks are very similar to those by WireLurker, although Masque has actually expanded and improved on what the original malware does; an extremely worrying development for the future.
What About Android
Masque currently affects jail-broken devices running iOS 7.1.1, 7.1.2, 8.0, 8.1 or 8.1.1 beta. In the light of the 2014 Moto X Android device that supports Lollipop OS, it could be that all mobile devices are now at risk from this latest breed of malware.
Masque spreads through the airwaves leaving devices like LG G Watch and the G Watch R vulnerable thanks to the new Android OS feature that allows automatic unlocking within range of Bluetooth devices. If adapted correctly, Masque could threaten the Lollipop-based Android tablets and smartphones.
What Action Should You Take?
The average mobile device user will probably not be affected by Masque or any similar mobile malware, so don’t panic. That said, IT departments should be careful about placing their trust in end users and users must stop downloading from untrustworthy sources. Here are some basic Tips for locating and Malware Removal.
The best course of action for BYOD enterprises is to put strategies in place to protect their employees and their data from such threats by using EMM Tools. EMM will allow employees to carry out all business-related work in secure mobile environments whilst keeping their own personal information safe.
Image source: phonesltd