A new vulnerability has been found in iphone by Security Research firm FireEye. The researchers at FireEye found out about a malicious Application which can work like a keylogger. It is well known that the iPhone doesnt have much but apparently this malicious app is programmed keeping that in mind, therefore it can be safely said that this App may be first of the kind of ‘Touchloggers’. The App can read every touch or tap made by the user and record the same in its log. This basically means that this app can keep data of every movement made by the iPhone user. As such even if the user locks or unlocks his/her iPhone or types anything or opens any App, this malicious App can record everything and send the logged or shall we say ‘touchlogged’ information to any external server.

FireEye is the same Security research firm which had previously discovered a major flaw/zero day vulnerability in Internet Explorer. To read that article kindly visit here :



Read More: Zero Day Vulnerability Found in Internet Explorer By FireEye Security Researchers



FireEye Says that





“We have created a proof-of-concept “monitoring” app on non-jailbroken iOS 7.0.x devices. This “monitoring” app can record all the user touch/press events in the background, including touches on the screen, home button press, volume button press and TouchID press, and then this app can send all user events to any remote server, as shown in Fig.1. Potential attackers can use such information to reconstruct every character the victim inputs.”



According to FireEye this malicious App which takes advantage of a key flaw in the iOS multitasking capabilities to allow the hackers/attackers to record the iPhone users every tap or swipe, has so far only been found in Non-Jailbroken iOS 7.0.x device which means that Jail broken iPhones are immune to this particular App. FireEye has also said that the logged files containing the ‘touchlogs’ are then transferred to unknown command and control servers.



The Apps concept relies on Apple’s background refresh technology because an iPhone can run several apps in background and can collect information of every touch made on device. iPhone has Option to turn off background refreshing of applications but researchers have said that disabling background refresh may not restrict the touchlogging of this malicious app. FireEye gave the example of the “Music player App” on a iPhone. The Music Player App keeps on continuously refreshing itself even if background refresh has been disabled by the user. This App, FireEye says, works in a similar fashion, refreshing data even when background refresh is Disabled.



Until Apple releases Patch for this flaw or vulnerability, the only thing iPhone users can do is keep an eye on the running Apps in the Task Manager and kill any App/Task which seems unnatural.