To set the stage for this attack, the hackers purchase an app from the Apple store, taking advantage of a flaw in Apple’s DRM protection module known as FairPlay. They save the authorization code, then design software that simulates the iTunes client behavior sufficiently to trick iOS into believing that the app was purchased by the target victim. This enables the app to be installed on the phone without the user’s knowledge or consent. Once installed, the app is used as a launch pad to install whatever else the hackers desire. Other apps, snooping protocols, and the like.
Convoluted or not, it’s a stunningly creative and effective attack that’s virtually impossible to stop. The only outward sign that you’re being targeted will be new icons for Apps that you don’t remember installing.
As bad as this sounds, there is a bit of a silver lining. For the moment, at least, these attacks have been restricted to users in China, so unless you’re there, odds are that you won’t run afoul of this attack. The hope, of course, is that Apple will be able to close the security loophole that makes this attack possible before it becomes more widespread, although at this point, there has been no word from Apple regarding a timeframe for the fix.
This latest attack clearly demonstrates just how difficult it is for any tech vendor to completely secure their equipment. The hackers are simply testing scenarios that the design team never envisioned, and it’s working. 2016 is shaping up to be a very busy year in the field of internet security.