News and Resources

Keyboard Spies: Now on iPhones

Loyal Kaspersky Daily readers are already aware of the recent mobile security trends: the hottest topic among cybercriminals are mobile banking Trojans. When you do your banking on a smartphone, thieves can intercept everything they need to steal from you – usernames, passwords, even one-time passwords being sent via text messages. However, until recently, these threats seemed to be relevant only to Androids– due to strict application restrictions in iOS and its curated app store, iPhone users rarely met mobile threats other than phishing. Now it turns out that iOS is not that safe after all. The SSL bug dubbed “goto fail”, which is fixed in iOS 7.0.6, enabled hackers to intercept or modify the content of seemingly secure encrypted communications. But it’s definitely not the end. A security company FireEye published the research, which describes the method of intercepting all keyboard- and touchscreen-related events in iOS, effectively making it possible to create a keylogger on an iOS device without a jailbreak.