According to mobile security researchers from the mobile security company Skycure, they have discovered a new security vulnerability in mobile iOS applications when the iOS apps are using Wi-Fi networks. The security vulnerability allows attackers to persistently alter the server URL from which a mobile app loads its data, so that instead of loading data from realserver.com, for instance, the attack makes the app load data from attacker.com, without the victim knowing that this data change has taken place. Attackers could use that altered app data to load malicious links, or insert fake, market-moving news into a mobile news application.
The researchers from Skycure say that this security vulnerability is present in hundreds of mobile apps that they tested, including stock management & news applications.
If this security vulnerability is indeed present in hundreds of stock management & news apps running on iOS, this could be a security vulnerability that could affect/harm many users of various Apple mobile devices that use iOS based apps on Wi-Fi systems.
This would be another important security issue for Apple to develop iOS patches to fix the stated security vulnerability for iOS based mobile apps so that users of those mobile apps can have at least some guaranteed level of protection when using iOS based apps on Wi-Fi networks (at least on the iOS client side if not the Wi-Fi network/server side).
Please see the article below: