Ins0mnia, an iOS 8 vulnerability which authorizes malicious apps to run in the background in an unlimited amount of time without the user's consent, poses serious security and privacy threats. However, Apple fixes the flaw in its latest iOS 8.4.1 update.
Google defines the word "insomnia" as the inability to sleep, which makes it an appropriate name to the iOS 8 flaw. Ins0mnia allows an iOS app running in the background even if the user has already terminated the app or even if the app is not present in the task switcher. It was first detected by FireEye's team of researchers who have created a comprehensive report about the bug. In the report, FireEye details on how the vulnerability works.
To quit an app, the user just double-clicks the home button of the iDevice and swipes up the app window. Normally, the Apple iOS only gives three minutes of background running time for an iOS application after it has been quitted. This control stops apps from abusing permissions. However, Ins0mnia makes these processes ineffective and creates a potential loophole for hackers to steal user data through third-party applications. The malicious app taking advantage of the flaw could deceive the iDevice to thinking that it is being debugged.
Threatpost quotes from the FireEye report to further expound on how an app exploiting Ins0mnia operates:
"To fool iOS, a malicious application could leverage ptrace, and utilize the ptrace code that handled the PT_TRACE_ME request to set the flag P_LTRACED and gracefully return 0. By setting the P_LTRACED flag, the application prevented the assertiond process from suspending the malicious application. Note that PT_TRACE_ME was a request made by the traced process to declare that it expected to be traced by its parent."
What makes the Ins0mnia bug more frightening is that a hacker app abusing the bug can even run on iDevices that have not been jailbroken unlike other Apple malwares. FireEye researchers say, "We believe that such an application had a high probability of passing the Apple Store review, making it a rare loophole for an attacker to distribute malware within Apple's walled garden." In other words, the app does not need anything in it that Apple does not allow.
Thanks to the recently released iOS 8.4.1 update, the Ins0mnia flaw has been patched up and there were also some music fixes made. Softpedia encourages iPhone owners to regularly update their software to ensure maximum user security.
Join the Conversation