Mobile and Phones Tech & Gadget

Hackers Can Attack Your Phone Via 76 Popular iOS Apps

File Photo: Hackers
    • Will Strafach, a security expert, has posted a list of apps at risk on his blog
    • Apps are vulnerable to attack when data is sent from the phone to the cloud
    • Hackers might be able to intercept financial or medical details
    • Apps under threat include Uconnect Access, Music Tube, and Gift Saga

    A security expert has identified dozens of popular iPhone apps that are at risk of being hacked.

    The apps become vulnerable to attack when users send data from the phone to the cloud via Wi-Fi.

    A range of apps have been identified as being at risk, including banking apps, messenger apps and even an app that lets people locate their car and lock it remotely.

    Scroll down to see which apps are affected

     The infosec expert Will Strafach published a list of 76 popular apps on his blog that he believes are vulnerable to data interception from hackers (stock image) 

    The infosec expert Will Strafach published a list of 76 popular apps on his blog that he believes are vulnerable to data interception from hackers (stock image)

    WHAT ARE THE RISKS?

    For 33 of the apps, their vulnerability was deemed low risk – this means the data that is vulnerable to interception is only partially sensitive.

    24 of the apps were deemed medium risk – so hackers would be able to intercept service login details and more sensitive information.

    For 19 of the apps, the vulnerability was high risk and hackers would be able to intercept financial or medical service login details.

    Will Strafach, CEO of Sudo Security Group, a mobile security firm specializing in mobile protection and app security evaluation, published a blog post warning that dozens of iOS applications were vulnerable to silent interception of data that should be protected.

    According to the security expert, there are 76 popular apps which could have data that could be intercepted and manipulated in an attack.

    He said these apps had a ‘backdoor’ which would allow the hacker to carry out ‘man in the middle’ attacks when data was sent from the phone to the cloud, reported news.com.au.

    Mr Strafach said the security hole ‘is derived from networking-related code within iOS applications being misconfigured in a highly unfortunate manner’.

    The infosec expert said it was mainly a problem when the phone was connected to Wi-Fi.

    He offered advice for people who wanted to reduce the risk of being hacked: ‘If you are in a public location and need to perform a sensitive action on your mobile device (such as opening your bank app and checking your account balance), you can work around the issue by opening “Settings” and turning the “Wi-Fi” switch off prior to the sensitive action.’

     Such attacks could be conducted by any party within Wi-Fi range of the device when it is in use. There have been 26 instances of this happening over the past few years (stock image)

    Such attacks could be conducted by any party within Wi-Fi range of the device when it is in use. There have been 26 instances of this happening over the past few years (stock image)

    HOW TO REDUCE YOUR RISK

    If you are in a public location and need to perform a sensitive action on your mobile device (such as opening your bank app), you can work around the issue.

    Open ‘Settings’ and turn the ‘Wi-Fi’ switch off prior to the sensitive action.

    According to the security expert, it is much harder for a hacker to intercept data from a cellular data connection.

    According to the security expert, it is much harder for a hacker to intercept data from a cellular data connection.

    Due to the type of flaw with the app, Mr Strafach said it would not be possible for Apple to address the problem in a widespread fix because it would make other apps more vulnerable to attack.

    Instead, he believes it is the responsibility of app developers to make sure their apps are not vulnerable.

    Mr Strafach said he would post his next update in 60 to 90 days to document the responses of the companies in question.

    He chose not to post a list of apps deemed at medium or high risk because the information is currently only available to limited parties.

    Apple has been contacted for comment.

READ ALSO:   David Opateyibo Is Building Nigeria’s First Locally-Made Drone

About the author

Eric P

I am an ardent reader and love to learn anything from archaeology to zoology, you can call me "Jack of all trades, master of all".

I love to write and that's exactly what I do at GhanaNation.com. I write on almost everything but my passion is on relationships. I believe it's the foundation of mankind, without it, we wouldn't be here.

Anybody I've come in contact with, admonishes me to be a relationship therapist, so who knows? Maybe that is what the future holds for me...