The "Masque Attack" allows hackers to replace one of the users' existing apps with malware, FireEye reported in a blog post.
The vulnerability affects iOS 7.1.1., 7.1.2., 8.0, 8.1 and 8.1.1 beta.
A "limited form" of the Masque Attack was used in the recent "Wirelurker" attacks in China. The Wirelurker malware could install third-party apps in regular, non-jailbroken iOS devices, then hop from infected devices to other Macs and iPhones through USB connector-cables.
However, FireEye said, "Masque Attacks can pose much bigger threats than Wirelurker." For example, they could replace a user's banking and email apps with malware that sends banking and email data directly to the attackers.
FireEye said that in order to attack, cybercriminals must give their malware the same identification string, called a bundle identifier, as an existing app. The iOS bug means that if it has the same bundle identifier as an existing app, iOS won't check its security certificate to determine if it came from a legitimate source.
FireEye notified Apple of the bug on July 26.
The company says users can protect themselves by:- Installing apps only from Apple’s official App Store or the user’s own organization and not from third-party app stores.
- Never installing an app from a third-party web page pop-up.
- Uninstalling any apps that show an alert with “Untrusted App Developer” when the user tries to open it.
ALSO ON HUFFPOST: