It generally goes without saying that if you are using any type of medium to connect to an unknown network or public Wi-Fi then the greatest of care should be taken at all times. Not only are these types of networks extremely insecure because they’re available to the masses at popular points-of-interest, but they can also be a breeding ground for countless unseen and unnamed threats lurking in the digital darkness. A recent investigation from Skycure has shown that insecure public networks can also provide stealth access to our iOS apps to potential attackers using HTTP request hijacking methods.
It may sound a little too technical to the average consumer who use their iOS device in Starbucks to read the latest news or check what the weather is going to be like later that evening. However, if you take away that level of naivety from the situation then you are left with a threat that is very real and potentially very dangerous for the unsuspecting iOS user involved. The research into the vulnerability has essentially concluded that intruders are potentially able to access an iOS device via a running app when connected to the same network.
It is worth noting that this particular method of compromising a running iOS app is only useful to the malicious person involved if the app makes some form of communication with an external server. Because the whole thing takes over the app’s HTTP requests, hence server communication is a requirement for the vulnerability to exist. With that being said, a great deal of modern apps regularly send and receive data to and from a server, which is especially true for some of the most popular apps available like Facebook, Instagram and pretty much any news reading app out there.
The nuts and bolts of the attack are extremely simple and involves intercepting the outgoing server requests and continually altering the address that the app pulls its information from. Rather than having your favorite news app go directly to the intended server for the latest stories, the intruder could potentially take over the HTTP request and force the app to pull data from elsewhere. Of course there is no direct indication that this type of attack is happening right now on any of our apps, but Skycure‘s Yair Amit has tested a number of high profile apps and found them to be "vulnerable".
Rather than just demonstrating the issue and get all of our worry levels up to an all time high, Skycure has actually taken it upon themselves to outline a relatively simple fix which app developers can implement. The solution involves preventing the required web caching from taking place, thus allowing us all to read our news in peace. It may be a while until developers can get this fix implemented, so connect to those public networks with extreme caution.