Earlier this year, tech enthusiasts learned from a security researcher that various iOS apps can secretly leak login data and other personal information to hackers that know how iOS works and how to take advantage of various flaws. Three months later, it seems that many of these apps, including mobile banking application, have not been fixed yet.
According to ZDNet, Sudo Security Group Will Strafach emphasized that no less than 76 apps were susceptible to man in the middle attacks, which includes banking and medical apps. Hackers could follow these apps into leaking a user’s login details, without the user knowing. A lot of users may think that app developers would go ahead and fix their apps following the notice. Well, it turns out some of them have done so, including HipChat and Foxit. However, reports claimed that many other apps haven’t taken action.
The Majority of the apps that can leak user date will still expose login info have not been fixed which includes banking apps such as Think Mutual Bank, Emirates NBD, Space Coast Credit Union, and 21st Century Insurance, to name just a few. Other apps including private web browser Dolphin Web Browser, blood glucose level Diabetes in Check, and an app that allows Indiana residents to vote are still affected by the hack.
According to CNET, there’s no indication that anyone is abusing this iOS security flaw, but that’s not a good excuse for any app developer not to fix the issue. If ever, you might still use any of these apps, Will Strafach advises to avoid Wi-Fi networks and just use cellular data plan instead.
More than two-dozen popular apps for iPhones and iPads are still leaking sensitive information, such as login details for their services, despite having months to roll out a fix. Stay tuned for more updates as some developers trying to stop these iOS hacks.