iOS Phishing Attack Masks Itself As Apple-Style Password Request



According to Krause, "Showing a dialog that looks just like a system popup is super easy, there is no magic or secret code involved, it's literally the examples provided in the Apple docs, with a custom text".

Apple iOS users are being warned to watch for malicious popups after a mobile app developer published a proof-of-concept phishing attack that mimics a login prompt using a website popup. A little pop-up appears, you roll your eyes, and dutifully enter your password.

To remedy this, Krause says that Apple could adjust the way apps request Apple ID passwords. "iOS should very clearly distinguish between system UI and app UI elements, so that ideally it's [...] obvious for the average smartphone user that something seems off", Krause says.

The developer who made the discovery recommends that you simply don't enter your details into a popup, but rather dismiss it and open the Settings app manually. The reason for that is that the system dialogs run on a different process, and not as part of any iOS app. He points to the exclamation mark used in some Push notifications. If pushing the button closes the app, and with it the popup, then it was a phishing attack.

The copycat popups actually require less than 30 lines of code to build, and they could feasibly end up in any otherwise legit iOS app on the App Store after sneaking past review teams. Apple is generally on the ball with this type of thing, and would take action if such a violation of its guidelines were detected.