Skip to main content

Thursday Threat Report: Apple iOS 7 flaw leaves files unprotected, texting malware spreads, and Heartbleed joins the good guys

Welcome to ITProPortal's Thursday Threat Report, where we round up the three greatest security threats facing Internet users, smooth-running enterprise, and occasionally even the survival of the world as we know it. Hold onto your hats - things are about to get scary.

Rotten Apple

A glaring bug in Apple's iOS 7 mobile operating system has resulted in every email attachment sent on an iPhone or iPad being sent completely unencrypted, according to new disclosures. Security researcher Andreas Kurtz has discovered that iOS version 7.0.4 and later, including 7.1.1, has a bug that results in attachments not being encrypted.

If you're worried about your files being intercepted by hackers, make sure not to send them by email from any iOS device. Instead, send them from laptop. Failing that, it's best to use some other secure cloud service like DropBox, or Apple's own iCloud. This should ensure that your files are adequately encrypted from end to end.

The worm texts

Russian-speaking smartphone users have come under attack from an innovative form of malware that spreads like a worm through text messages.

The virus sends a text message saying "Is this your photo?" in Russian. The message then has a link to an Android application package (.APK) file containing a copy of a piece of malware called "Android/Samsapo.A".

The malware can allegedly download other malicious files to an infected phone, steal personal information including text messages from a device, and even block phone calls.

While no English-speaking variant has yet been spotted in the wild, it's only a matter of time before this kind of thing finds its way to the Anglosphere.


While the Heartbleed bug has been causing havoc across businesses and the entire security industry, we can at least take heart that cyber criminals have been having just as much of a tough time.

In fact, Heartbleed is helping cyber security researchers to turn the tide on cyber criminals by allowing them to take material from forums and chat rooms that were once impenetrable. The BBC reports that security specialists have found it easier to access forums used by criminals since the vulnerability was first discovered and the bug could be used for those ends for years to come.

"The potential of this vulnerability affecting black-hat services [where hackers use their skills for criminal ends] is just enormous," French anti-malware research Steven K told the BBC, adding that various forums have been placed in a "critical" position as a result of the bug. Every cloud...

If you're worried about Heartbleed, check out our 6 tips on how to protect your business.