iOS vulnerability can lead to the Apple ID theft-vulnerability warning-the black bar safety net

2015-09-18T00:00:00
ID MYHACK58:62201567098
Type myhack58
Reporter 佚名
Modified 2015-09-18T00:00:00

Description

In yesterday's release of the iOS 9 upgrade, Apple repair Alibaba Mobile Security Team discovered three security vulnerabilities: CVE-2 0 1 5-5 8 3 8, CVE-2 0 1 5-5 8 3 4, CVE-2 0 1 5-5 8 6 8 The. ! Wherein the CVE-2 0 1 5-5 8 3 8 this vulnerability can let hackers in a non-jailbroken iPhone 6 on line phishing attacks and steal Apple ID password. First look at the demo: the

demo though is on iOS 8.1.3, but until iOS 9 Apple for repair. In this demo, the App Store is genuine system app, but the pop up login box but not the App Store, but another to run in the background of the app is a forgery. But because of the fake login box and the Apple Store itself, the login box is exactly the same, so the user hardly would have noticed, and habitually enter the Apple ID password, and ultimately lead to account theft. We know that in the iOS sandbox Policy, an app can only run in their own sandboxed space, the theory is unable to affect other apps, but the iOS system if the design flaws could lead to a sandbox escape, such as the CVE-2 0 1 5-5 8 3 8, and then the system of the other application or file impact. This vulnerability of the specific details can refer to ASIACCS2015 papers. CVE-2 0 1 5-5 8 3 4 and CVE-2 0 1 5-5 8 6 8 the kernel layer of the information disclosure and code execution vulnerabilities, by which the two vulnerability composition, a hacker can obtain the kernel information, and execute arbitrary code. Both vulnerabilities specific details can refer to the BlackHat 2 0 1 5 on the subject. To user advice: the best defense of course is to upgrade the iOS to 9. To 0. But because some of the iOS of old models(such as iPhone 4, etc.) has been unable to support the latest version of iOS, so no upgrade cases, the user to be vigilant of suspicious background application, in the Enter the password when the try to ensure that the background no other applications running. In addition, don't install any enterprise applications, because these applications without App Store review, so its security could not be guaranteed.