Few days back there has been a news that there are many malicious app that has been found on the Apple's official app store and then they started revising all the apps. Recently Apple has kicked many malicious apps that serves to be a malicious ad blocker from App store.
Actually the apps sits between the users and the servers and then compromises the security of SSL and thus gaining credentials or other personal information from the device.
This happens due to the Root Certificate that has been used for any server communications. A server who wants to communicate will send the Root certificate with respect to Public Key Infrastructure and then the browser will validate the certificate and establishes the connection.
This is the normal working of the Root Certificate and now while the server sending the certificate the app will sit between the end user and the server and compromises the security and then steals the personal information.
Many apps that does this in the name of Ad Blocker has been removed by Apple from its App Store and the name of Apps has not yet been released by Apple.
Apple is yet to release the name of those malicious apps and until then the users are asked to uninstall any suspicious app from their devices.
P.S : The post is to create awareness and not to create any negative impact.
No comments:
Post a Comment