Bug Based on iOS Mail Can Steal Your iCloud Password

A new iOS Mail bug is found. It can be dangerous for iPhone and iPad users because it can get your passwords. How can you protect iPhone password? How does this bug act? Is Apple aware of the new malicious program?

The iOS bug stealing passwords has been reported by security expert Jan Soucek. According to him, third-party individuals who might use this bug can steal the passwords by emailing the scam message with pop-ups that remind of iCloud prompts [by the way it is possible to bypass iCloud using DNS method]. Users who get unknown or suspicious pop-up window and enter their password can actually pass it over to the malicious group of hackers.

It is important to secure your passwords and protect iPhone and iPad password by not providing it to anyone even through the Mail messages. As researchers found out, it could be possible to send emails with special buggy HTML content to target audience and ask users to enter their passwords.

Apple knows about this bug. The company is reportedly working on the fix, however right now you might be at danger no matter what firmware you are running. The bug might target both iOS 7 and iOS 8 platforms [including the most recent iOS 8.4 beta 4]. Besides, it can also harm users who are testing iOS 9 beta 1 that was released earlier in June.

Not all users know about the Mail.app inject kit thus the bug becomes even more dangerous because iPhone and iPad owners who trust iCloud and believe they see the familiar prompt might input their important password and someone could collect it and use on user’s behalf.

It’s better to stay suspicious and re-check all the pop-up message that ask for your passwords or personal information. If your iCloud password is entered you might like to change it at once otherwise someone could access your iCloud account. Do not ignore the basic steps that can protect your iPhone, iPad and iCloud account from being accessed by third-party individuals.