A bug in a widely used piece of networking software temporarily exposed around a thousand iOS apps to the possibility of hacking, and some are still at risk. The bug was in AFNetworking, a bit of open-source code that at least 20,000 apps use — though only 5 percent of them used the specific version and section that contained the bug, cybersecurity firm SourceDNA reported on Monday. That 5 percent would not be able to properly use HTTPS, the secure version of the common web protocol. While that flaw wouldn't blast your private info out into the open, it would make it easy for a hacker to trick the app into sending unencrypted data.
You can see whether any iPhone and iPad apps you use regularly are on the list using a search tool provided by SourceDNA. As of Monday night, Uber was on there and still vulnerable, for instance, and Yahoo Finance also had the bad code, though it has since issued an update. Any of the apps listed could be (and probably is) working on a fix.
If apps you use are affected, wait for a new version to come out or else you are putting your data at risk. If you had an affected app previously or it has been fixed, you might want to change your passwords and keep an eye out for any suspicious transactions on your credit card bill.
- Could Sony Hack Scare Other Companies Into Beefing Up Cybersecurity?
- FBI Investigates Possible ISIS Supporters' Hack of Western Sites
- Sony Hack Is Bad, But the Real Cyberwar Is All Around You