this post was submitted on 15 Feb 2024
158 points (93.9% liked)

cross-posted from: https://lemmyf.uk/post/5813538

First ever iOS trojan discovered — and it’s stealing Face ID data to break into bank accounts

[–] [email protected] 5 points 9 months ago* (last edited 9 months ago) (1 children)

Lazy journalism. The two variants showcase exactly how iOS is more secure and how much harder it is to get on the device as well as attempt to extract info.

Few quick points to answer questions outlined here:

  1. Android and iOS variants behave differently. Due to security measures (as outlined in this post itself), the iOS variant cannot actually extract facial recognition data. Instead, it takes photos of the user with prompts about shifting their face, blinking, etc. The setup here is because Thailand’s central bank requires banks to perform facial recognition to withdraw larger sums of money. By stealing your face in multiple photos, they could build a deep fake of your face to be used in another device later.
  2. Due to the way security works on iOS, the iOS variant cannot exfiltrate SMS messages directly. There is simply no permission to do so. Instead, it tricks users into installing an SMS filtering extension “to prevent fraudulent SMS” — this allows the attacker to read incoming SMS, but only from unknown numbers. The hope here is that they could intercept your MFA received via SMS at a later date.

If anyone wants to do the full reading, it is available from Group-ib directly.

And yes, this further cements my thoughts about the EU making a terrible move forcing Apple to enable side loading, as it adds additional vectors for bad actors to get into a currently much more secure and harder to invade device.

[–] [email protected] 4 points 9 months ago* (last edited 9 months ago)

If (when) this allows iOS Trojans through side loading, you better believe that Apple will throw it all back at the EU’s doorstep. I’m gonna howl how idiots thought it would make things “better”.

Of course many of those people that “want side loading” don’t give two craps about users. They just wanna see Apple knocked down a peg because of their sad little lives.

Wanna make things better in a way that gets my approval, kill all subscription models and just pay for genuine software updates that need to be justified through the new features they add.