by Lilang Wu, Yuchen Zhou, Moony Li
Apple manages application security and privacy concerns by using a sandbox mechanism for iOS that constrains the reachable resources for each application. This was created to contain damage if an app was compromised, and all apps distributed through the App Store adopt it. However, because of this access control, communication between apps becomes more difficult.
Fortunately, Apple provides several carefully designed methods to assist app communication, the most common of which is the URL Scheme. In essence, this is a feature that allows developers to launch apps on an iOS device through URLs. It is a method of conveying information from one app to another. For example, when a URL with facetime:// is opened, FaceTime places a call — this is the URL Scheme coming into play. It is a very convenient shortcut; but the URL Scheme is designed for communication, not security.
Below, we discuss how abuse of the URL Scheme can potentially result in the loss of privacy, bill fraud, exposure to pop-up ads, and more. We illustrate the misuse using several official iOS apps from the Chinese market, notably the messaging and mobile payment app WeChat and the retail app Suning. There are many other apps with the same features and capabilities as WeChat and Suning that are also vulnerable to the attacks outlined below. We notified and coordinated with vendors, particularly WeChat, and reported these attacks to the ..
Support the originator by clicking the read the rest link below.
