Apple has responded to last week’s report about the ominous-sounding iOS cyber bug called “Masque Attack” and are telling customers to stay calm and only “download [apps] from trusted sources like the App Store.”
Apple is not denying the existence of the vulnerability, first reported by FireEye, but is downplaying its reach: “We’re not aware of any customers that have actually been affected by this attack,” the company said in a statement sent to news outlets.
Masque Attack lures iOS device users into downloading malicious apps through links via the web, email, or text messages. Those apps then mimic legitimate apps while stealing sensitive information from the phone.
As iMore pointed out, Apple posted guidelines for Enterprise users this week warning them only to download apps from their own organization or Apple’s App Store, which has a screening process for malicious software.
Apple’s statement goes to say, “We designed OS X and iOS with built-in security safeguards to help protect customers and warn them before installing potentially malicious software.”
Bottom line: When tapping that “trust” button to install an app, don’t forget: trust but verify.
[h/t: San Jose Mercury News]