|
There was the potential for hacks using a newly
identified technique known as the "Masque Attack," the
government said in an online bulletin from the National
Cybersecurity and Communications Integration Center and the U.S.
Computer Emergency Readiness Teams.
The network security company, FireEye Inc <FEYE.O>, disclosed
the vulnerability behind the "Masque Attack" earlier this week,
saying it had been exploited to launch a campaign dubbed "WireLurker"
and that more attacks could follow. [ID:L2N0T01H2]
Hackers could potentially steal login credentials, access
sensitive data stored on iOS devices and remotely monitor
activity on those devices, the government said.
Such attacks could be avoided if iPad and iPhone users only
installed apps from Apple's App Store or from their own
organizations, it said.
"We designed OS X and iOS with built-in security safeguards to
help protect customers and warn them before installing
potentially malicious software. We're not aware of any customers
that have actually been affected by this attack," Apple said in
an emailed statement to Reuters.
Users should not click "Install" from pop-ups when surfing the
web. If iOS flashes a warning that says "Untrusted App
Developer," users should click on "Don't Trust" and immediately
uninstall the app, the bulletin said.
(Reporting by Jim Finkle; Editing by Bernadette Baum and Stephen
Coates)
[© 2014 Thomson Reuters. All rights
reserved.] Copyright 2014 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
 |
|
