Jump directly to the content
HACK ATTACK

Check your smartphone RIGHT NOW because these apps could let hackers bleed you dry

Researchers sound the alarm about dozens of popular apps which could leave you vulnerable to cyber crooks

Hackers are always looking for opportunities to strike

SECURITY experts have identified a new flaw found in dozens of popular iPhone apps that could let hackers gain access to your sensitive data including banking details.

Infosec expert Will Strafach has warning that a scan of popular apps on the Apple App Store had found 76 apps vulnerable to attack, with a “backdoor” which would allow a hacker to carry out “man in the middle” attacks that let them access the data being sent from the phone to the cloud,

Hackers are always looking for opportunities to strike
2
Hackers are always looking for opportunities to strikeCredit: Getty Images

The blog post names 33 apps that are vulnerable to attack, including banking apps and another that lets people locate their car and remotely unlock it.

The apps named in the blog post today are considered low risk, but Strafach warns there are 43 apps that are high or medium risk of being hacked which will be named in a few weeks after the app developers have been given the chance to fix the flaw.

Strafach said the security hole “is derived from networking-related code within iOS applications being misconfigured in a highly unfortunate manner”.

Several of the apps on the list released today are add-on apps for Snapchat users, including apps to upload photos and videos to Snapchat and apps for increasing Snapchat contacts.

Mr Strafach said the type of flaw meant Apple was not able to issue a widespread fix, because to address the problem in that way would make the apps more vulnerable to attack.

The iPhone is known to be super secure, but hackers are always looking to test Apple's normally iMpregnable defences
2
The iPhone is known to be super secure, but hackers are always looking to test Apple's normally iMpregnable defencesCredit: Getty Images

“The onus rests solely on app developers themselves to ensure their apps are not vulnerable,” he said.

The blog post contains the full list of apps named and shamed so far.

Mr Strafach says the bad design was mainly a problem when the phone was connected to a wi-fi network.

“If you are in a public location and need to perform a sensitive action on your mobile device (such as opening your bank app and checking your account balance), you can work around the issue by opening “Settings” and turning the “Wi-Fi” switch off prior to the sensitive action,” he said.

Related Stories

Epic Games holds advent calendar giveaway with a free game every day
HOLIDAY DEALS

Epic Games holds advent calendar giveaway with a free game every day

Got a new phone this Xmas? Warning over DANGEROUS common cable mistake
WIRES CROSSED

Got a new phone this Xmas? Warning over DANGEROUS common cable mistake

Ancient Terracotta Warrior general found in 1st discovery of its kind after 30yrs
RARE FIND

Ancient Terracotta Warrior general found in 1st discovery of its kind after 30yrs

Christmas warning for millions over common scam that empties bank in seconds
EMPTY STOCKING

Christmas warning for millions over common scam that empties bank in seconds

“While on a cellular connection the vulnerability does still exist, cellular interception is more difficult, requires expensive hardware, is far more noticeable, and it is quite illegal (within the United States).

“Therefore, it is much less plausible for an attacker to risk attempting to intercept a cellular data connection.”

We pay for your stories! Do you have a story for The Sun Online news team? Email us at [email protected] or call 0207 782 4368

Topics
YOU MIGHT LIKE
RECOMMENDED FOR YOU
MORE FOR YOU