Programming Error Exposes Thousands of iOS Apps to Hijacking

From PC Mag: Thousands of iOS apps apparently contain a programming error that can expose the products to hijacking, according to security researchers in China.

Pangu Team, a group of iPhone jailbreaking experts, say they discovered the problem while auditing several iOS apps. The programming error can let a hacker on the same Wi-Fi network as an iPhone to overwrite data and execute code within the affected apps.

"Surprisingly, we found that around 10 percent iOS apps might be affected by the same or similar issues," the team said. To come to this number, the jailbreaking experts took a sample of 169,000 iOS apps, and found that close to 16,000 had the flaw.

Pangu has created a website about the programming error, which they're calling "ZipperDown." They've also uploaded a video, demonstrating the problem. In it, the user downloads a Chinese microblogging service called Weibo, which is then hacked over an open Wi-Fi network to gain remote code execution within the app.

View: Article @ Source Site