Touch input being monitored in the background  (Source: FireEye)
No fix from Apple for this issue yet

Security researchers have already proven that apps can be placed on Jailbroken iOS devices that enable background monitoring by third parties. However, security researchers from FireEye have announced that they have found a vulnerability on iOS 7 devices that allows the bypassing of the official app review process and allows the exploitation of iOS device that aren’t even jailbroken.
The researchers say that they created a proof-of-concept monitoring app that is able to record all the user’s touch/press events in the background. The app can also record touches on the screen, home button presses, volume button presses, and Touch ID presses. That data can then be sent to any remote server.
Attackers using this vulnerability could then use the data to reconstruct all the characters entered in by the victim.  The demo app that the researchers created exploits iOS 7.0.4 on a non-jailbroken iPhone 5S smartphone. The exploit has also been verified as working on iOS 7.0.5, 7.0.6, and 6.1.x.
The researchers say that users of iOS 7 can turn off Background App Refresh to mitigate the vulnerability, however, music apps are able to play music in the background without needing to enable Background App Refresh. That means that apps can disguise themselves as a music app to conduct background monitoring. 
The researchers say that until Apple issues a fix, the only way to stop this is to stop all apps from running in the background.
Word of this exploit comes just days after Apple patched a serious SSL flaw in both OS X Mavericks and iOS 7.

Source: Fireeye

"So, I think the same thing of the music industry. They can't say that they're losing money, you know what I'm saying. They just probably don't have the same surplus that they had." -- Wu-Tang Clan founder RZA

Most Popular ArticlesProblems with Windows 10 – Update Now
October 15, 2016, 7:30 AM
End of the Road for the Audi R8 e-tron
October 15, 2016, 5:00 AM
Is Razer Blade Stealth Laptop For You?
October 16, 2016, 5:00 AM
Bluetooth Saves Lives
October 16, 2016, 7:05 AM
IBM – Cloud Object Storage Cheaper than Amazon S3
October 14, 2016, 5:00 AM

Latest Blog Posts
T-Mobile Data Problems
Saimin Nidarson - Oct 20, 2016, 10:17 AM
IMEX America Trade Show
Saimin Nidarson - Oct 9, 2016, 10:00 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki