Your iPhone could be watching you.
Apple on Wednesday issued a patch for a flaw that could let hackers hijack your phone, copying what you type and making purchases without your knowledge. To do that, hackers would have to create a fake Wi-Fi network that you would then connect to. After that, your phone’s information is up for grabs.
There’s no indication that any bad guys have actually done this, but it’s a useful reminder to guard the information we’ve stored on our phones.
“We live off of these things,” said Reg Harnish, CEO of cybersecurity firm Greycastle.
In the past decade, phones have gone from pocket-size communicators to the center of our world. We buy and sell things with our phones, or do our taxes, check our bank accounts, and communicate with everyone we’ve ever met. Our phones are like a fingerprint of our lives.
So while iOS 9.2.1 — which also happens to be the first public (as opposed to beta) update of iOS 9.2 — might look like a minor update, it’s still important to install.
Apple declined to comment on the vulnerability, which researchers at cybersecurity firm Skycure reported to the company in June.
Skycure researcher Adi Sharabani said attackers could do all sorts of damage once they’ve snared your phone on their fake network. They could steal your cookies, which are stores of information that browsers use to communicate with websites. Often, cookies contain your passwords. And they could leave behind malicious software on popular banking and email websites that would record your typing the next time you tried to log in. That email password alone, is gold. With it, hackers could potentially steal all your other passwords.
“Attackers have list of most important data they are looking to get,” Sharabani said.
Apple isn’t the only company dealing with major security flaws. Android phones have a flaw, revealed Tuesday, that could give intruders access to the device’s core — allowing them to rewrite the phone’s software and take your information. Unfortunately, it will take a while before all Android phone users can install a patch. Unlike Apple, which controls its own universe, it’s up to the different phone carriers to issue their fixes.
The Android operating system runs far more smartphones than iOS: at the end of 2015, almost 83 percent of smartphones ran on Android, while iOS ran just under 14 percent, according to the business analysis firm IDC.
Now that smartphones rule our world, it pays to be vigilant, said Harnish. Look at those numbers from IDA another way, and you’ll see that the two operating systems run 97 percent of smartphones worldwide.
That’s a mighty tempting target for attacks.