New iOS Keylogging Vulnerability Discovered 72
exomondo writes "Following hot on the heels of the iOS (and OS X) SSL security bug comes the latest vulnerability in Apple's mobile operating system. It is a security bug that can be used as a vector for malware to capture touch screen, volume rocker, home button and (on supported devices) TouchID sensor presses, information that could be sent to a remote server to re-create the user's actions. The vulnerability exists in even the most recent versions of iOS and the authors claim that they delivered a proof-of-concept monitoring app through the App Store."
Re:Can we just go back to the gotofail bug for a s (Score:5, Informative)
They just released the patch for OS X, actually.
http://appleinsider.com/articl... [appleinsider.com]
Re:stfu and learn noob (Score:4, Informative)
Yeah, that one piece of malware is a real pain.
Yes, malware for OSX and iOS does exist. It is very possible. But the problem seems to be about the same size as malware for Linux at this stage. By that I mean there is very little of anecdotal evidence of widespread, active malware in the wild targeting OSX, iOS and Linux. The same can't be said for Windows.
So far I've never been hit on OSX, iOS or Linux. I've had plenty of Windows machines go down in flames though. I still have friends of family for which this is a fairly regular occurrence. Even myself, I had a fully patched Windows VM just for testing websites in IE. No antivirus installed. Visited some legitimate news and html/css sites... Boom. Malware installed.