Connect with us

1,500 iOS Apps At Security Risk Due To HTTPS-crippling Bug

1,500 iOS Apps At Security Risk Due To HTTPS-crippling Bug
the iOS family pile (2012) Blake Patterson/Flickr CC BY-SA 2.0


1,500 iOS Apps At Security Risk Due To HTTPS-crippling Bug

An HTTPS-crippling bug has become a major issue, with about 1,500 apps for the iPhone and iPad affected. The bug makes it easy for hackers to get bank account numbers, encrypted passwords and information that are user-specific and sensitive.

An iOS bug report says that the bug was in AFNetworking, an open-source code used by more than 20,000 apps. The section that contains the bug, however, only amounts to 5 percent of the number.

Some apps affected with the HTTPS-crippling bug are popular ones. More than 2 million people use these apps.

The flaw is associated with version 2.5.1 introduced in January. Though an updated version is available, there are apps that still use the older version.

The bug makes it easy for attackers to monitor the connection of devices. A fraudulent security certificate is all that is needed to bring the bug into action. In normal cases, such attacks are detected automatically, but as there is a logic error in the app, no validation is done.

On Monday, cybersecurity firm SourceDNA reported that the affected apps will not be able to use HTTPS properly.

The cyber security firm has asked users not to be worried, as it has introduced a tool for checking the vulnerability. As per the latest detection, Uber and Yahoo Finance contain the bad code. The apps listed in the iOS bug report are currently working on the fix.

Continue Reading
You may also like...

About Sohini Auddy

Sohini Auddy is a passionate writer about TV shows, movies, and celebrities. Missed a show and want a recap? She’s the girl to go to. She always keeps herself updated on Hollywood happenings and gossips. Who’s doing what? Who’s seeing who? Who did something scandalous again? Follow her to know all these and more. 

More in Technology

Good News

To Top