View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 27, 2015

iOS devices suffering from Ins0mnia

Apple security team claims the vulnerability was fixed in iOS 8.4.1.

By CBR Staff Writer

Researchers have found out a vulnerability named Ins0mnia that allows terminated applications to run in the background for an unlimited period of time.

The vulnerability allows the application to bypass Apple’s background restrictions and run the application even if it is not visible in the task switcher.

The iOS task switcher displays a list of recently opened apps. When a user directly closes the application using the home button, it goes into the background and usually runs for three minutes.

Users can choose to completely shut down an app by removing it from the task switcher. The feature prevents applications from eavesdropping in the background and ensures predictable responsiveness in user interaction.

However, Ins0mnia vulnerability helps applications to surpass the restrictions, allowing malicious application to run in the background and steal sensitive user information.

The flaw can also be used to degrade system usability, performance, and drain the battery.

The attack masks the reality by fooling the device into believing that the application is being debugged. This process stops the system from suspending the application even when the permitted duration expires.

Content from our partners
How to engage in SAP monitoring effectively in an era of volatility
How to turn the evidence hackers leave behind against them
Why food manufacturers must pursue greater visibility and agility

FireEye mobile researchers found out that unlike other iOS malware, Ins0mnia did not require anything that is banned by Apple to create problems, and it could easily bypass the Apple Store review making it easy for attackers to distribute.

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.