Malicious app could steal your data for an unlimited time

Aug 27, 2015 13:25 GMT

FireEye's mobile researchers have discovered a security flaw in Apple's iOS mobile operating system, which runs on iPhone, iPad, and iPod touch devices. The FireEye team calls the vulnerability "Ins0mnia."

According to FireEye's comprehensive report, Ins0mnia could allow a malicious application to bypass Apple's background restrictions and keep running in the background even if you close it, lock your device, or remove the app from the task switcher by swiping up or down so that it no longer appears in the task manager.

In the lengthy article, FireEye explains how third-party apps interact with Apple's iOS mobile operating system and how the company tries to protect iOS users by limiting the time an app runs in the background, so you can understand the gravity of the Ins0mnia vulnerability in iOS 8.4. Long story short, a carefully crafted app could steal data from your device and you wouldn't even know it.

"To fool iOS, a malicious application could leverage ptrace, and utilize the ptrace code that handled the PT_TRACE_ME request to set the flag P_LTRACED and gracefully return 0. By setting the P_LTRACED flag, the application prevented the assertiond process from suspending the malicious application. Note that PT_TRACE_ME was a request made by the traced process to declare that it expected to be traced by its parent," writes FireEye in their in-depth report.

Update to iOS 8.4.1 to fix the issue

Thankfully, Apple has fixed the issue with the recently released iOS 8.4.1 hotfix update, which is why we always recommend keeping your devices up to date. When you see a new update released for your device, don't think twice; apply it.

In conclusion, if you're still running iOS 8.4 or an earlier version on your iPhone, iPad, or iPod touch device, you are urged to update to iOS 8.4.1 as soon as possible. In the meantime, watch the demo video below to see Ins0mnia in action, courtesy of FireEye.