The researchers at information security firm FireEye have said that hackers might be able to record keystrokes of an iPhone or iPad user by running a background application without user’s knowledge.
FireEye has claimed in the blog post that this background monitoring is possible on both non-jailbroken and jailbroken devices powered by iOS 7. The security researcher team of FireEye was able to run a background application on an iPhone and record all user activity including keystrokes, screen tapping, pressing of volume button, pressing of home button and then send this data to a remote server.
The demo app of FireEye exploited the vulnerability successfully on a non-jailbroken iPhone 5S running iOS version 7.0.4 which is the latest version. The team, however, said that the same vulnerability is also present in other iOS versions. The vulnerability is also present in iPad.
This latest revelation about Apple iOS security comes on the heels of an earlier embarrassing disclosure about SSL vulnerability found in Apple devices which Apple is rushing to patch and has been able to address only partially so far.