Prayer Content Out of Nowhere: Attackers Apparently Probing Apple's Podcasts App

Unknown users are currently testing whether the Podcasts app, pre-installed on billions of devices, can be used as an entry point, warns a security researcher.

Apple's services on the iPhone

(Image: Primakov / Shutterstock.com)


Apple Podcasts is apparently behaving unusually for some users: according to a report by 404 Media, the app opens unexpectedly without any user interaction and then displays episodes of obscure podcasts on topics such as religion and spirituality. This has been happening repeatedly on both iPhones and Macs for several weeks. One of the unexpectedly displayed podcast episodes also contained a link to a presumably malicious website.

Attackers are able to launch Apple's Podcasts app automatically and have it display a podcast of their choice, as security researcher Patrick Wardle, who specializes in Apple platforms, explained to 404 Media. Merely visiting a website, for example, is enough to trigger this behavior, without the user having to confirm anything first. Wardle emphasized that this alone is not an attack, but that it provides a "very effective delivery mechanism." The observed test runs also indicate that attackers are actively exploring what they can do with Apple Podcasts.


According to the report, one of the links embedded in a podcast episode led to a website that had been manipulated via cross-site scripting (XSS). It remains unclear, however, whether an attack was actually carried out through it; in Apple Podcasts, users normally have to click on such links manually. Inquiries to Apple went unanswered, 404 Media writes.

Apple Podcasts is pre-installed on Apple devices such as iPhones, iPads, and Macs, giving it a potential audience of practically a billion users. Unlike Apple's other content apps such as TV and Music, podcasts can be listed in the directory without major hurdles.

If the Podcasts app opens on its own and displays unwanted content, users should close the app and, to be safe, not interact with it, meaning they should neither click on links nor start playback.


(lbe)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.