Security researchers at FireEye discovered that malware can be installed over genuine iOS apps.
iOS developers and enterprises often use Apple's ad-hoc/enterprise provisioning system to deploy applications directly to devices; these apps are downloaded directly from any server without going through Apple's App Store. The researchers discovered that an iOS application installed on a device using enterprise/ad-hoc provisioning could easily replace another, legitimate application installed through the App Store if both have the same bundle ID. A bundle ID is a unique app identifier that Apple uses to identify individual apps.
FireEye named this attack “Masque Attack.” Let's see how it works. Suppose I have the Outlook app on my iPhone, installed through the App Store, and I get a link from someone to install a “new” version of Outlook, and I do it. If both have the same bundle ID, the genuine copy of Outlook could be replaced with a malicious version that could contain malware and get sensitive data from my device.
FireEye also created a demo video.
Although deploying applications using ad-hoc/enterprise provisioning is a legitimate practice, the discovery of this vulnerability raises serious questions about the iOS security that Apple always promises its customers.
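Because the replacement hinges on a matching bundle ID, a defender can vet an out-of-store IPA before it reaches a device by reading `CFBundleIdentifier` from its `Info.plist` and comparing it with the bundle IDs of apps the device installed from the App Store. The sketch below is an added example, not code from FireEye or Apple; the inventory, the sample archives and the function names are constructed, and treating `embedded.mobileprovision` as a marker of an ad-hoc/enterprise build is an assumption.

```python
import io
import plistlib
import re
import zipfile

# Constructed inventory: bundle IDs of apps a managed device installed from the App Store.
STORE_INSTALLED = {"com.example.mail", "com.example.bank"}

INFO_PLIST = re.compile(r"^Payload/[^/]+\.app/Info\.plist$")
PROFILE = re.compile(r"^Payload/[^/]+\.app/embedded\.mobileprovision$")

def inspect_ipa(ipa_bytes):
    """Return (bundle_id, has_profile) for an IPA archive given as bytes."""
    with zipfile.ZipFile(io.BytesIO(ipa_bytes)) as ipa:
        names = ipa.namelist()
        plist_name = next((n for n in names if INFO_PLIST.match(n)), None)
        if plist_name is None:
            raise ValueError("no Payload/<name>.app/Info.plist in archive")
        info = plistlib.loads(ipa.read(plist_name))  # handles XML and binary plists
    bundle_id = info.get("CFBundleIdentifier")
    if not bundle_id:
        raise ValueError("Info.plist has no CFBundleIdentifier")
    # Assumption: a provisioning profile inside the bundle marks an
    # ad-hoc/enterprise build rather than an App Store download.
    return bundle_id, any(PROFILE.match(n) for n in names)

def vet_ipa(ipa_bytes, store_installed=STORE_INSTALLED):
    """Flag an out-of-store IPA whose bundle ID matches a store-installed app."""
    bundle_id, has_profile = inspect_ipa(ipa_bytes)
    collides = bundle_id in store_installed
    return {"bundle_id": bundle_id, "provisioned": has_profile,
            "verdict": "block" if collides else "no_collision"}

def make_sample_ipa(bundle_id, with_profile=True):
    """Build a constructed, minimal IPA in memory (not a real app)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as ipa:
        plist = plistlib.dumps({"CFBundleIdentifier": bundle_id})
        ipa.writestr("Payload/Sample.app/Info.plist", plist)
        if with_profile:
            ipa.writestr("Payload/Sample.app/embedded.mobileprovision", b"constructed")
    return buf.getvalue()

if __name__ == "__main__":
    for bid in ("com.example.mail", "com.example.newtool"):
        print(vet_ipa(make_sample_ipa(bid)))
```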