Security researchers have discovered a vulnerability in iPhones and iPads that allows attackers to install fake apps that take the place of legitimate ones.
FireEye, a mobile security company, said the problem, which it calls “Masque Attack,” allows attackers to gain access to vast amounts of personal information.
In a video demonstration of the attack, an iPhone was sent a URL to install a new version of the “Flappy Bird” game. When the link was clicked, the iPhone asked the user to confirm installation of the game, but upon that confirmation what was actually downloaded and installed was a compromised version of the Gmail app.
Read more at InfoWorld.com.