New iOS flaw allows malicious apps to record touch screen presses<article>
<section class="page">
<p>
Security researchers identified a vulnerability in iOS that allows apps to record all touch screen and button presses while running in the background on non-jailbroken devices.</p><p>
Since the touch screen is the primary input interface on an iOS device, this attack is the equivalent of keylogging. An attacker could use the captured touch data—X and Y axes coordinates—to determine what characters victims inputted using the on-screen keyboard.</p><p>
The vulnerability has been confirmed in iOS versions 7.0.6, 7.0.5, 7.0.4 and 6.1.x by researchers from security firm FireEye who identified the issue and reported it to Apple. The researchers also claim they found ways to bypass Apple’s app review process which could allow uploading an app with such touch screen monitoring capabilities in the App Store.</p><p class="jumpTag"><a href="/article/2101580/new-ios-flaw-allows-malicious-apps-to-record-touch-screen-presses.html#jump">To read this article in full or to leave a comment, please click here[/url]</p></section></article>
Source:
New iOS flaw allows malicious apps to record touch screen presses
