When it comes to smartphone security, depending on recent malware attack reports, iPhone is considered the safest option compared to Android. Though technology experts claim that the iPhone's security is far better than what Android users receive, it doesn't mean that it is a hack free device, as recently security researchers found a bug that can make the device extremely vulnerable.
There are several reports on hundreds of malware-infected apps on Android devices, but now experts found a new bug in the iPhone which can provide leverage to a hacker to lock a user out of the phone and increase the vulnerability with malicious iMessages.
iPhone threat report
Earlier a software-as-a-service firm specializing in mobile security, Wandera, detected 17 apps at App Store which are malicious in nature as they were found to contain Trojan malware. All of these apps belonged to the same developer but varied in nature.
Wandera explained that "the clicker trojan module discovered in this group of applications is designed to carry out ad fraud-related tasks in the background, such as continuously opening web pages or clicking links without any user interaction."
The list includes internet radio, a restaurant finder, EMI calculator, contacts manager and video editor.
Later, it was revealed that Facebook might be spying via iPhone cameras without a user's knowledge. When a user scrolling through the Facebook app on the iPhone, the social network probably gains access to the device's camera, as some concerned users have pointed out. Several iPhone owners reported that their phone cameras were turned on in the background while browsing through posts on the Facebook app.
Recent malware campaign against iOS
There were rumors about the planning of a digital attack by hackers who were supposedly producing malware variants specifically coded for iOS. Now it is confirmed that a malware campaign, which targets only iOS devices, was spotted.
Researchers at Media Trust's Digital Security and Operations detected the new malware campaign called Krampus-3PC, which is targeting iPhone users. In their recent report, the experts claimed that this unique malware is capable of using several techniques to deliver the payload and avoid being detected by conventional scanning and blocking technology.
The malvertising campaign, which made headlines for compromising adverts in their hundreds of millions within hours in April 2019, was employed to distribute the Krampus-3PC malware. The report clearly stated that the campaign is affecting iPhone users of over 100 publisher websites, many of which were UK online newspapers and international weekly news magazines.
How this malware is affecting iPhone users?
In the report, researchers mentioned that the malware delivered the payload using a multi-stage redirect mechanism and two obfuscation methods to dodge conventional scanning and blocking tools. "While most malicious campaigns use one method of redirection, Krampus-3PC employed a backup method to ensure users were redirected to the fraudulent popup masquerading as a global grocery store reward ad," it said. Moreover, the malware "hoovered up user-session information, including cookies from a widely used adtech vendor," the report added.
As an example, the Media Trust DSO report stated that if an iPhone user had other sites like their bank or favorite online retailer open, Krampus-3PC could gain access to the user's account. Here it should be mentioned that the researchers chose not to name the advertising platform and publications assisting the malware campaign to fulfill its demands, but it is understood that the compromised advertiser has now been banned from that platform.
But still, the iPhone users should stay vigilant as the Krampus-3PC can use a different platform to target devices.