Home page logo

dataloss logo Data Loss mailing list archives

Apple App Store was vulnerable for more than Half year
From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Mon, 11 Mar 2013 09:13:57 -0400


A Google developer helps Apple to fixed a security flaw in its
application store that for years has allowed attackers to steal
passwords and install unwanted or extremely expensive applications.

Security loophole allowed attacker to hijack the connection, because
Apple neglected to use encryption when an iPhone or other mobile
device tries to connect to the App Store.
Researcher Elie Bursztein revealed on his blog that he had alerted
Apple of numerous security issues last July but that Apple had only
turned on HTTPS for the App Store last week.

An attacker only needs to be on the same network as the person who is
using the App Store. From there, they can intercept the communications
between the device and the App Store and insert their own commands.

The malicious user could take advantage of the unsecure connection to
carry out a number of different attacks i.e steal a password, force
someone to purchase an app by swapping it with a different app that
the buyer actually intended to get or by showing fake app updates,
prevent a person from installing an app by making it disappear from
the App Store or force the App Store to show the entire list of apps
installed on a device.

Bursztein has posted some videos that show the App Store holes in
action, a couple of which can be found below:

He said that he alerted Apple to his findings back in early July of
2012, and Apple only turned on HTTPS encryption at the end of January
and even the App Store existed for years without having HTTPS
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list


Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

  By Date           By Thread  

Current thread:
  • Apple App Store was vulnerable for more than Half year Erica Absetz (Mar 11)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]