Horrendous Apple 'Keylogger' Flaw Lets Hackers See Everything You Do On Your iPhone
The flaw takes advantage of the way iPhone lets certain apps run in the "background" while you're doing other things. When you listen to iTunes or Pandora, for instance, the music plays in the background, allowing you to continue surfing the web or checking Facebook without interrupting the songs.
But FireEye says that while an app runs in the background it can monitor what you're doing on the phone, including tracking what you type onto the touchscreen. The flaw is an advanced vulnerability for iPhone because previously "keylogger" malware could only track what you type on an actual keyboard. The security advantage of the touchscreen is that the screen is basically one giant undifferentiated button. Not any more, according to FireEye:
We have created a proof-of-concept "monitoring" app on non-jailbroken iOS 7.0.x devices. This "monitoring" app can record all the user touch/press events in the background, including touches on the screen, home button press, volume button press and TouchID press, and then this app can send all user events to any remote server, as shown in Fig. 1. Potential attackers can use such information to reconstruct every character the victim inputs.
The flaw even lets hackers know when you're turning the volume buttons up or down. We saw this news first on Ars Technica, which noted that FireEye's warning says that the tracked info can be sent to a remote server.
It's the second major security gap in Apple's iOS mobile operating system to make news this week. Previously we told you about "Gotofail," a vulnerability that affects every single Apple device, whether it's an iPhone, iPad, or desktop or laptop computer. Gotofail is a flaw in the encryption used to make transactions such as credit card purchases secure over the web. That flaw has been fixed with downloadable system updates.
Keylogger hacks have been developed for iPhone before, but those pieces of malware only worked on "jailbroken" phones that have been unlocked from Apple's system settings that (among other things) tether your phone to a specific wireless carrier. Anyone who didn't hack their own phone remained protected, in other words.
It's important to note that FireEye is saying this vulnerability exists - it's not saying that hackers are using it, yet.
Until Apple develops a fix, there is a workaround you can use to make sure that apps in the background aren't "listening" to what you're doing on your phone: you can switch them off by double-tapping the home button and manually swiping upward any app that appears in the menu on the lower portion of the screen. This closes apps that are running in the background.