iOS malware sidesteps iPhone mobile device management

Even with Apple’s latest security enhancements, vulnerabilities in iOS 9 can expose sensitive personal and business information to cyber criminals.

Check Point, a pure-play security vendor, has released information to the Black Hat Asia 2016 conference on SideStepper, a vulnerability that can be used to install malicious enterprise apps on iPhone and iPad iOS 9.x devices enrolled with a mobile device management (MDM) solution.

SideStepper (free whitepaper – registration required) allows enterprise apps to be installed using an MDM certificate that is exempt from iOS 9.x security enhancements. It allows a cybercriminal to imitate trusted MDM commands including the over-the-air installation of apps signed with enterprise developer certificates.

This exemption allows an attacker to side-step Apple’s solution meant to thwart installation of malicious enterprise apps.

How do iPhone and iPad devices become exposed?

The cybercriminal uses a phishing attack to convince a user to install a malicious configuration profile. This simple and often effective attack method uses familiar messaging platforms like SMS, instant messaging, or email to trick users into following a malicious link.

Once installed, this malicious profile allows an attacker to stage a Man-in-the-Middle (MitM) attack on the communication between the device and an MDM solution. The attacker can then hijack and imitate MDM commands that iOS trusts, including the ability to install enterprise apps over-the-air.

What iOS devices are at risk?

The vulnerability potentially impacts millions of devices: any iPhone or iPad with an installed MDM solution.

How would I know if my iPhone/iPad is under attack?

Apple does not allow access to iOS by third-party providers of advanced mobile threat detection and mitigation, so there is little chance a user would suspect any malicious behaviour had taken place.

On a managed iOS device, commands from an MDM are trusted, and because these commands appear to the user as coming from the MDM that already manages the device, the entire process seems authentic.

What is the risk if the vulnerability is exploited?

There are some MDM commands an attacker could use to exploit the vulnerability, with effects ranging from nuisances to data exfiltration. Attackers can install malicious apps that include a broad range of functionality.

Since iOS trusts these apps, and because the installation process is familiar to the user, infection is seamless and immediate. This vulnerability puts the user, the security of sensitive information on the device, and voice conversations in proximity to the device at significant risk. Malicious apps can be designed to:

  • Capture screenshots, including screenshots captured inside secure containers
  • Record keystrokes, exposing login credentials of personal and business apps and sites to theft
  • Save and send sensitive information like documents and pictures to an attacker's remote server
  • Control sensors like the camera and microphone remotely, allowing an attacker to view and capture sounds and images


Ray Shaw


Ray Shaw ray@im.com.au has had a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

