I read about a new variety of malware that steals passwords from jailbroken iPhones and iPads. What is the best way to defend against the threat?
The first action to defend against a password-stealing threat on a jailbroken device is to not jailbreak the phone in the first place. While there are many benefits of jailbreaking a phone, it significantly affects the security of the device and basically breaks some of the core security protections in iPhones.
Apple has built strict controls on the iOS App Store to protect iPhones from malicious threats by preventing malware from infiltrating the App Store, and also ensuring malware cannot be installed on factory default iPhones. Both of these security mechanisms are disabled when an iPhone is jailbroken.
An enterprise could detect jailbroken devices by using a mobile device management tool that can flag jailbroken devices. Then, the enterprise could follow up with the employee to determine whether they jailbroke the device themselves. If the user did not jailbreak the phone themselves, further investigation should be performed.
Jailbroken devices can also be detected via a port scan and OS detection that flags iOS devices with non-default ports open on the device. Alternatively, a rule could be set up in an intrusion detection system that detects HTTP fingerprints for common apps on jailbroken iPhones.
Enterprises could also prevent passwords from being stolen by using two-factor authentication. This would help protect the authentication process and minimize the chance of a user account being compromised. But again, the best approach is to not use jailbroken iOS devices at all.
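The port-scan check described above can be run over saved scan results. The following is an added example, not part of the original answer: it reads nmap grepable output (`-O -oG`) and flags hosts identified as Apple iOS that have open ports outside a baseline. The baseline of 62078/tcp, the function names and the sample scan lines are assumptions constructed for illustration.

```python
import re

# Assumption: TCP ports an unmodified iOS device is expected to expose.
# 62078 (lockdownd, shown by nmap as "iphone-sync") is the baseline used here.
BASELINE_PORTS = frozenset({62078})

# "Apple" must precede "iOS" so that Cisco IOS network gear is not matched.
APPLE_IOS = re.compile(r"\bapple\b.*\bios\b", re.IGNORECASE)

# Constructed sample in nmap grepable layout (-O -oG); not real scan data.
SAMPLE_SCAN = "\n".join([
    "Host: 10.20.0.11 ()\tPorts: 62078/open/tcp//iphone-sync///\tOS: Apple iOS 9.X",
    "Host: 10.20.0.12 ()\tPorts: 22/open/tcp//ssh///, 62078/open/tcp//iphone-sync///\tOS: Apple iOS 9.X",
    "Host: 10.20.0.13 ()\tPorts: 22/filtered/tcp//ssh///, 62078/open/tcp//iphone-sync///\tOS: Apple iOS 9.X",
    "Host: 10.20.0.1 ()\tPorts: 22/open/tcp//ssh///, 23/open/tcp//telnet///\tOS: Cisco IOS 15.X",
])


def open_tcp_ports(ports_field):
    """Return the open TCP port numbers listed in a grepable 'Ports:' field."""
    ports = set()
    for entry in ports_field.split(","):
        parts = entry.strip().split("/")
        if len(parts) >= 3 and parts[0].isdigit() and parts[1:3] == ["open", "tcp"]:
            ports.add(int(parts[0]))
    return ports


def flag_ios_hosts(scan_text, baseline=BASELINE_PORTS):
    """Map each Apple iOS host to its open ports that are outside the baseline."""
    findings = {}
    for line in scan_text.splitlines():
        if not line.startswith("Host:"):
            continue
        fields = {}
        for chunk in line.split("\t"):
            key, _, value = chunk.partition(":")
            fields[key.strip()] = value.strip()
        if "Ports" not in fields or not APPLE_IOS.search(fields.get("OS", "")):
            continue
        unexpected = open_tcp_ports(fields["Ports"]) - baseline
        if unexpected:
            findings[fields["Host"].split()[0]] = sorted(unexpected)
    return findings


if __name__ == "__main__":
    for host, ports in flag_ios_hosts(SAMPLE_SCAN).items():
        print(f"{host}: review device, unexpected open ports {ports}")
```

A flagged host is a lead for the follow-up with the employee described above, not proof that the device is jailbroken.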