Apple Senior Vice President of Worldwide Marketing Phil Schiller speaks about iOS 9 availability during a Special Event at Bill Graham Civic Auditorium (Photo : Getty Images/Stephen Lam)
A major security risk has been uncovered for Apple's iOS due to the discovery of SideStepper, a new exploit for the operating system. This new threat makes managed or enterprise devices open to data theft and malicious apps.
Check Point Security researchers have revealed this new threat against devices that are powered with iOS on March 31 at the Black Hat Asia 2016 event, Macworld reported. Enterprise devices can be attacked through phishing and will not leave any trace at all, which makes it more dangerous. A normal-looking message might lead an iOS device user to click a link and install a file, which in turn could make it susceptible to many cyber-attacks.
The researchers said that this flaw could make hackers take control of communications between the managed devices and the MDM solutions. Devices, data, and enterprise services could be controlled with this exploit, which could affect a lot of iOS users.
This new issue only affects the devices that are using MDM solutions, the researchers explained. This exploit can let malicious IT teams to install apps on devices used by employees, which have not been approved or hosted by Apple, according to V3.
Any app that is associated with MDM solutions is trusted by iOS, which are usually used by businesses these days, the researchers said. They also revealed that an app that has been installed by MDM will not show its origin, which lets it get inside the device without going through security measures.
Some enterprises have their own network monitoring systems that will check if there is malicious traffic, and notice patterns that might lead to abuse of their systems. There are also other MDM systems that can report to Apple if there are sudden changes.
Apple was warned by the research team about the attack in October 2015. In November 2015, the company replied that they expected the behavior of research team towards the issue. They added that the said exploit was not a flaw, and they have made safeguards against this attack.
The smartphone company also said that the iOS users were encouraged to download only from a trusted source like their App Store. Before users download and install untrusted apps and content, they were warned ahead in time.
Check out the iOS 9 review video below:
