More News
HACK ATTACK

Check your smartphone RIGHT NOW because these apps could let hackers bleed you dry

Researchers sound the alarm about dozens of popular apps which could leave you vulnerable to cyber crooks

By ROD CHESTER and News Corp Australia Network
7th February 2017, 5:20 pm
Updated: 7th February 2017, 5:21 pm

SECURITY experts have identified a new flaw found in dozens of popular iPhone apps that could let hackers gain access to your sensitive data including banking details.

Infosec expert Will Strafach has published a blog post warning that a scan of popular apps on the Apple App Store had found 76 apps vulnerable to attack, with a “backdoor” which would allow a hacker to carry out “man in the middle” attacks that let them access the data being sent from the phone to the cloud,

Getty Images
Hackers are always looking for opportunities to strike

The blog post names 33 apps that are vulnerable to attack, including banking apps and another that lets people locate their car and remotely unlock it.

The apps named in the blog post today are considered low risk, but Strafach warns there are 43 apps that are high or medium risk of being hacked which will be named in a few weeks after the app developers have been given the chance to fix the flaw.

Strafach said the security hole “is derived from networking-related code within iOS applications being misconfigured in a highly unfortunate manner”.

Several of the apps on the list released today are add-on apps for Snapchat users, including apps to upload photos and videos to Snapchat and apps for increasing Snapchat contacts.

Mr Strafach said the type of flaw meant Apple was not able to issue a widespread fix, because to address the problem in that way would make the apps more vulnerable to attack.
Getty Images
The iPhone is known to be super secure, but hackers are always looking to test Apple’s normally iMpregnable defences

“The onus rests solely on app developers themselves to ensure their apps are not vulnerable,” he said.

The blog post contains the full list of apps named and shamed so far.

Mr Strafach says the bad design was mainly a problem when the phone was connected to a wi-fi network.

“If you are in a public location and need to perform a sensitive action on your mobile device (such as opening your bank app and checking your account balance), you can work around the issue by opening “Settings” and turning the “Wi-Fi” switch off prior to the sensitive action,” he said.

Related Stories

GOOG THINKING
Google reveals money-saving Boxing Day 'fridge trick' for millions of Brits
PS WOW
PS5 gamers have to play these top five console releases from 2024

“While on a cellular connection the vulnerability does still exist, cellular interception is more difficult, requires expensive hardware, is far more noticeable, and it is quite illegal (within the United States).

“Therefore, it is much less plausible for an attacker to risk attempting to intercept a cellular data connection.”

We pay for your stories! Do you have a story for The Sun Online news team? Email us at tips@the-sun.co.uk or call 0207 782 4368

Exit mobile version