The Apple iOS mobile operating system has a major security flaw that leaves a large portion of iPhones and iPads vulnerable to security breaches by cybercriminals looking to hijack devices and steal sensitive information.
The "Masque Attack" exploits the Apple enterprise/ad-hoc provisioning system, and is a powerful vulnerability that cybercriminals can easily exploit. Apple is working to fix the bug after being informed by cybersecurity experts in July, FireEye said.
Here is what the FireEye blog notes: "Masque Attacks can pose much bigger threats than WireLurker. Masque Attacks can replace authentic apps, such as banking and email apps, using attacker's malware through the Internet. That means the attacker can steal user's banking credentials by replacing an authentic banking app with malware that has identical UI."