Masque Attack is the name given to a malware discovered last year for the iOS platform and updated this year to become much more dangerous than it was in the initial version, being able to infect iPhone terminals at will.
If in the original version users had to manually install a hacker's application and give it the status of "trusted" application in iOS, the new version of the malware Masque Attack implements its functionality alone and much more simply.
More precisely, if a user accesses a web link published by a hacker, then the infected application or applications are automatically installed in the terminal without the person knowing what is happening, the hacker then being able to steal anything from that application without being bothered by someone.
According to a cyber security researcher, this version of Masque Attack clones popular applications from App Store such as: Facebook, WhatsApp Messenger, Facebook Messenger, etc., and includes a special system that allows a hacker to steal data at will, all without the terminals having to be jailbroken beforehand.
The most recent version of the Masque attack uses a technique called 'URL Scheme Hijacking.' The attacker is initially able to bypass the mechanism used by Apple to ensure that a user trusts an app that is being installed.
In practice, the infected application will look like the normal one from the App Store, but it will also include monitoring software that allows the theft of any type of data, including passwords, card information, bank accounts and anything you type in the respective application while using it.
Unfortunately, everything is done in the background without the user knowing, believing that he has accessed a wrong link, while in the background the infected application is automatically installed and then transmits data to hackers interested in stealing it to use it for various purposes .
If you can be tricked into clicking on a link on your phone to install an application then any of your apps could be replaced with a malicious version. It could look identical to the standard app but have extra functionality. Once installed, the new malicious application can hijack the communications used by legitimate apps and steal information, such as login credentials.
The great novelty brought by this version a Masque Attack is that it removes the security system implemented by Apple and does not require the application to be marked as "trusted" in order to be installed, the installation being done automatically.
Considering that applications such as Facebook, WhatsApp Messenger, Facebook Messenger, Viber, Skype and many others were cloned to be offered for infection, the problem is a major one and now users have no way to defend themselves against such an attack.
Of course, Apple has not yet commented on the problem, but the worst part is that a person has no way of knowing that he is infected, so be very careful what kind of links you access from Safari for iOS.
