Beware of sandbox attacks, iOS vulnerabilities threaten Bitcoin and Ethereum wallets

Even though Bitcoin and Ethereum wallets have only recently started to appear on the iOS App Store, cryptocurrency users need to be extra vigilant. A new hack allows attackers to replace legitimate apps with malicious versions. This also means that we are likely to see fake versions of Bitcoin and Ethereum wallets released in the near future.

However, it must be noted that this attack requires the attacker to have physical access to the device. For most people, this clearly reduces the probability of being attacked, but don't assume that the threat simply disappears. The vulnerability was disclosed at the Hack in the Box conference last week, and Apple still has not fixed it. In addition, the attack works on non-jailbroken iOS devices.

So what exactly does this iOS vulnerability do?

Apparently, this iOS vulnerability was discovered around January 27, 2016. Apple tried to fix the vulnerability, but its patch was incomplete, and several factors still make the vulnerability exploitable to this day. An attacker needs a restricted developer certificate, which requires an email address and Apple ID.

This attack is called "Sandjacking" and allows an attacker to access the contents of an app's sandbox. Sandjacking works by backing up the device, deleting the original app, and replacing it with a rogue version. Once the device owner initiates the "backup restore" feature, the compromised app is automatically installed. When users are asked to manually approve these apps, it's likely that they'll go right through the list without giving it a second thought.

Some people might think that gaining physical access to an iOS device is difficult. But repair shops, family members, and friends all have access to our devices. While it is said that one should not trust anyone else with one's devices, in practice there are more opportunities for this attack than most people expect.

This poses a significant risk to cryptocurrency users using iOS devices. So far, Apple has not reported any apps that have been hijacked by exploiting this vulnerability. But it is not impossible that we may see malicious Bitcoin and Ethereum wallet apps appear at some point in the future. Therefore, users need to be careful when handing their devices over to others.

