Trend Micro security researchers have found that hackers can use the iOS URL Scheme to launch attacks on certain apps. Criminals may also steal sensitive user information from apps.
The iOS URL Scheme was designed by Apple itself as a workaround to compensate for the restrictions of its mobile sandbox technology. It is a feature that allows apps on an iOS device to be launched using URLs.
The feature allows apps to share information with each other, while limiting the extent of damage should an app be compromised.
However, Trend Micro researchers found that several iOS apps that can be downloaded in China are vulnerable to attacks with the iOS URL Scheme. Specifically, the apps in question are WeChat and Suning.
It appears that multiple apps can abuse the same Sample:// URL Scheme. For example, hackers can use this shared Scheme to request a login token for a user’s WeChat account, and abuse that token to authenticate themselves in Suning.
If successful, cybercriminals can steal sensitive information and abuse both accounts. It is also possible to misuse the feature to trick one user into paying someone else’s bills, and to launch other rogue apps.
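A defensive check for the shared-scheme condition described above, as an added example that is not from Trend Micro or the original article: it reads each app's Info.plist and reports every URL scheme declared by more than one app. The bundle identifiers and plist contents are constructed for illustration; only the Sample:// scheme name comes from the article.

```python
import plistlib
from collections import defaultdict


def declared_schemes(info_plist):
    """Return the lower-cased URL schemes that one Info.plist (bytes) registers."""
    info = plistlib.loads(info_plist)
    schemes = set()
    # CFBundleURLTypes is a list of dicts, each holding a CFBundleURLSchemes list.
    for url_type in info.get("CFBundleURLTypes", []):
        for scheme in url_type.get("CFBundleURLSchemes", []):
            schemes.add(scheme.lower())  # URL schemes are case-insensitive (RFC 3986)
    return schemes


def scheme_collisions(apps):
    """Map each scheme claimed by more than one app to the sorted apps claiming it.

    `apps` maps a bundle identifier to the raw bytes of that app's Info.plist.
    """
    claimants = defaultdict(set)
    for bundle_id, raw in apps.items():
        for scheme in declared_schemes(raw):
            claimants[scheme].add(bundle_id)
    return {s: sorted(ids) for s, ids in claimants.items() if len(ids) > 1}


def _sample_plist(schemes):
    # Builds a constructed Info.plist that registers the given schemes.
    return plistlib.dumps({"CFBundleURLTypes": [{"CFBundleURLSchemes": schemes}]})


# Constructed inventory: hypothetical bundle identifiers, not real apps.
SAMPLE_APPS = {
    "com.example.wallet": _sample_plist(["Sample", "wallet"]),
    "com.example.shop": _sample_plist(["shop"]),
    "com.example.lookalike": _sample_plist(["sample"]),
    "com.example.noschemes": plistlib.dumps({"CFBundleName": "NoSchemes"}),
}

if __name__ == "__main__":
    for scheme, ids in scheme_collisions(SAMPLE_APPS).items():
        print(f"{scheme}:// is claimed by {', '.join(ids)}")
```

A collision on a scheme that carries login tokens or payment requests is the case worth reviewing first, since the receiving app cannot assume which app handled or sent the URL.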
This is not the first time that such an abuse of the iOS URL Scheme has been detected. For example, in February 2015 FireEye saw an updated version of the Masque Attack iOS flaw, called Masque Attack II.
The exploit used the ability to bypass iOS prompts and adopted the native URL Scheme to handle communication between apps. In addition, the exploit was used by hackers to launch phishing attacks designed to steal users’ login credentials.