.jpg "Real estate market in the south of Hai Duong city is bustling")
.jpg "Extremely dangerous forest fire risk in Kinh Mon, Chi Linh")
-ac017d3d3ce25d3405471795d6bb26f0.jpg "Gia Loc needs over 10 billion VND to invest in renovating and expanding landfills.")
Submit a comment
Mobile security experts have discovered a new trick by cybercriminals to hack people's iPhones through third-party keyboard apps.
Keyloggers, or 'keystroke trackers', are being used by hackers to bypass strict security walls on Apple devices.
Attackers are exploiting this loophole to capture private messages, browser history, and even passwords of iPhone users, reports Russell Kent-Payne, director of mobile security firm Certo Software.
Research into this threat began after several recent reports of cyberattacks against iPhone users.
During the investigation, experts discovered that all affected devices had a malicious third-party keyboard app installed.
What makes this attack special is that hackers don't need to hack the device directly or gain access to iCloud.
Instead, they used Apple's TestFlight platform to distribute the malicious keyboard software because apps on the TestFlight platform are not required to undergo the same rigorous security review process as those on the App Store.
Apple has long required apps to pass a security review before being included in the App Store before they can be installed on iPhones and iPads.
This check will prevent malicious applications from entering the device to perform harmful activities.
However, TestFlight is a tool created by Apple to help developers distribute unofficial (beta) apps to a select group of users before releasing them on the App Store to everyone.
With TestFlight, developers can invite up to 10,000 testers to install their app.
Once the malicious keyboard is installed on the user's device, it automatically replaces the iPhone's default keyboard with an interface similar to the original keyboard.
Malicious keyboards that act as keyloggers automatically record everything the user types and send the data to the hacker's server.
What iPhone users need to do to check and protect themselves
To check if an iPhone has a malicious keyboard installed, iPhone users need to open Settings, go to Keyboards and check the list of installed keyboards.
If you find an unfamiliar keyboard with Full Control enabled, it could be a cause for concern. In this case, users should remove suspicious keyboard apps.
iPhone users should also consider using antivirus software on their Macbook computers, as they can scan the iPhone or iPad for malware if the device is connected to the Macbook via USB.
At this time, Apple has not officially commented on this attack method, so iPhone users need to pay attention to the latest patches to promptly update their devices.
According to Vietnamnet