Security researchers have discovered that the company "Tim Hakinj" Hacking Team is already commonly used on the EOS system "App Store" shop to steal user data modified versions of most applications.And the payment of leaking massive amounts of data of a breakthrough Hacking Team company, originally specialized in spy gadgets and surveillance industry for governments, researchers company "FireEye" FireEye to study the type of attacks that were used by this company.
Among the attacks discovered by the company "FireEye", specialized in the field of information security, applications were prepared to be used as weapons in the more applications list common on the "App Store" store of the Apple, including Facebook, and Watts in August, and Viper, and Google Chrome, and Talagram, and Skype, in order to steal users' data.
"FireEye" explained that Hacking Team amended applications to disappear from the eyes of everyone, and works with him look like a formal application, while you silently stealing users' data in the background.According to the company, the library is injected into the applications able to steal voice recordings on Skype, WWE Chat and other chat applications, and to intercept text messages on Skype, and Watts in August, and Facebook Messenger, and the theft of browsing history on Google Chrome.
They can also steal phone calls, text messages and content and service "Aamsj" iMessage, in addition to recording Global Positioning System GPS coordinates, and contact information, and images."FireEye" said The Kbuthaih applications benefited from electronic attack previously discovered, known as the "mask" Masque, to make it possible to install them above the official applications, and so by paying user to install what they seem "benign applications."
Although the company, which was discovered by way of the attack, had been informed by Apple last year have been fixed in the 8.1.3 version of "EOS" smart operator system to its organs, but its new report proves for the first time that the attack had already been used.
Although the loophole exploited by attack "mask" may repaired, which means the impossibility to install malicious applications on top of the official applications, but it is still hackers can "malicious applications ID" amendment and circumvent it and install it along with any formal application if they can trick the user to Thbytha.
Referred to the attack does not require a device nimble "broken constraint" Jailbreak to enter it, the matter, according to the company, "FireEye", such as easy to trick the user to click on a link within the installed e-mail message.
No comments:
Post a Comment