Grab It Now
Hacking iOS with Man in Middle attack
With a Main in the Middle [MIM] attack, someone hijacks your connection to a secure site, receiving everything sent by either party and passing it along, possibly with malicious changes. But a MITM attack ends when you disconnect from the network.
Cyber experts apparently uncovered a vulnerability that can permanently change the behavior of apps in iOS.
HTTP Request Hijacking Attack
While you're connected to the malicious network, the attacker monitors your traffic and looks for apps retrieving information from servers. Then the attacker intercepts that request and sends a 301 HTTP status code back to the application. This is a permanent redirection error, and tells the browser that the server it's looking for has been permanently moved to another location.
All the vulnerable apps, will cache the change made by the 301 code and continue to connect to the redirected server for the foreseeable future. In a non-malicious scenario, this is great for users since it means faster and more reliable connections. But when the attacker sends his 301 error, it forces the application to start loading information from his server. Such an attack could be subtle, maybe feeding fake stories or inaccurate stock information to manipulate the market. Or an attacker could conceivably mirror all the information from a news app's server but inject malicious links for phishing, or worse.
The best thing users can do is to keep their apps up to date, as developers are likely to begin implementing fixes across vulnerable apps. If you think you've already been hit by this particular attack, you should un-install the suspect application and then reinstall it from the App Store.
Avoiding this attack in the future is easier in theory than it is in practice. "It is always safer to not to connect to [unsecured] WiFi networks, but at the end of the day we always do," . Sometimes, it's not even an issue of convenience as phones are can connect to Wi-Fi networks without user actions.
If you like this post, please like us on Facebook too.