New Bug Found in iPhone Which Stores User Input Data And Transfer To Remote Server

A new vulnerability has been found in iphone by Security Research firm FireEye.  The researchers at FireEye found out about a malicious Application which can work like a keylogger.  It is well known that the iPhone doesnt have much but apparently this malicious app is programmed keeping that in mind, therefore it can be safely said that this App may be first of the kind of ‘Touchloggers’. The App can read every touch or tap made by the user and record the same in its log.  This basically  means that this app can keep data of every movement made by the iPhone user.  As such even if the user locks or unlocks his/her iPhone or types anything or opens any App, this malicious App can record everything and send the logged or shall we say ‘touchlogged’ information to any external server.

Iphone vulnerability

FireEye is the same Security research firm which had previously discovered a major flaw/zero day vulnerability in Internet Explorer.  To read that article kindly visit here :

Read More: Zero Day Vulnerability Found in Internet Explorer By FireEye Security Researchers

FireEye Says that

“We have created a proof-of-concept “monitoring” app on non-jailbroken iOS 7.0.x devices. This “monitoring” app can record all the user touch/press events in the background, including touches on the screen, home button press, volume button press and TouchID press, and then this app can send all user events to any remote server, as shown in Fig.1. Potential attackers can use such information to reconstruct every character the victim inputs.”


According to FireEye this malicious App which takes advantage of a key flaw in the iOS multitasking capabilities to allow the hackers/attackers to record the iPhone users every tap or swipe, has so far only been found in Non-Jailbroken iOS 7.0.x device which means that Jail broken iPhones are immune to this particular App.   FireEye has also said that the logged files containing the ‘touchlogs’ are then transferred to unknown command and control servers.

The Apps concept relies on Apple’s background refresh technology because an iPhone can run several apps in background and  can collect information of every touch made on device. iPhone has Option to turn off background refreshing of applications but researchers have said that disabling background refresh may not restrict the touchlogging of this malicious app.  FireEye gave the example of the “Music player App” on a iPhone.  The Music Player App keeps on continuously refreshing itself even if background refresh has been disabled by the user.  This App, FireEye says, works in a similar fashion, refreshing data even when background refresh is Disabled.

Until Apple releases Patch for this flaw or vulnerability, the only thing iPhone users can do is keep an eye on the running Apps in the Task Manager and kill any App/Task which seems unnatural.

4 COMMENTS

  1. Unlike the course and crass phrasing of the person who wrote in at 20:10, I will just diplomatically say that the creators of this site need to perform some serious PROOFREADING and grammatical adjustments if they want the article to be read by English speaking/comprehending people. It's a "bumpy ride" at best.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Read More

Suggested Post