Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>CERT-MU Information Security News

CERT-MU Information Security News


76 Famous iOS Apps vulnerable to a silent man in the middle attacks

Experts have discovered that at least 76 of the most popular iOS apps available through Apple's App Store are vulnerable to a silent man in the middle attacks that can intercept and modify data in motion. It can be noted that the affected applications have been downloaded more than 18 million times. The problem is that these apps possess no protection against the devastating silent data interception of TLS-protected data.

Report shows that out that 33 of these vulnerable iOS apps were in the low-risk group, 24 in the medium risk group and 19 at high risk.

While the low and medium risk groups of apps are not vulnerable to confidential user data interception, 19 of the high risk apps pose a huge threat for users because they involve financial or medical services login credentials or session authentication tokens.  It can be noted that the vulnerability allows attackers to steal login and financial data of iOS users secretly.

The users of the affected iOS apps need to avoid using them on Wi-Fi networks.

 
Source:
Hack Read
 
Security Week
 
Security Affairs
 
SC Magazine
 
 
 
Contact Information
E-mail:
contact@cert.ncb.mu
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis