Sandjacking iOS Exploit Threatens Bitcoin and Ethereum Wallets
Although Bitcoin and Ethereum wallets have only recently started appearing on the iOS App Store, cryptocurrency users will need to be extra vigilant. A new hack allows attackers to replace legitimate applications with malicious versions. This also means we may very well see fake Bitcoin and Ethereum wallet releases in the future.
It has to be said, however, that this attack requires the assailant to have physical access to the device in question. To a lot of people, this may appear to mitigate the attack vector, but do not be fooled into thinking the threat is over. The vulnerability was disclosed last week during the Hack in the Box conference and has still not been patched by Apple. Moreover, this attack works on non-jailbroken iOS devices as well.
So What Does This iOS Vulnerability Do Exactly?
Apparently, this iOS vulnerability has been around since January 27 of 2016. Although Apple tried to fix this vulnerability in the meantime, their patch was incomplete. To this very day, there are several factors which allow this vulnerability to be exploited. Attackers need a restricted developer certificate, which requires an email address and Apple ID.
Sandjacking, as this attack is called, grants an assailant access to an application’s sandbox content. Sandjacking works by backing up the device and removing the original application to replace it with a rogue version. Once the device owner initiates the “restore from backup” function, the corrupted application will automatically be installed. While the user will need to manually approve these apps, it is very likely they will just go through the list without giving it a second thought.
Some people may argue that obtaining physical access to an iOS device is tough. At the same time, there are so many repair shops, family members, and friends who have access to our devices. While this does not mean that no one should be trusted with one’s device, the chance of getting attacked is a lot bigger than most people anticipate.
This poses a significant risk for cryptocurrency wallet users who own an iOS device. So far, Apple has not reported any hijacked applications making use of this vulnerability. But it is not unlikely that we will see malicious Bitcoin and Ethereum wallet apps appear at some point in the future. Users need to be careful when handing over their device to someone else.