The U.S. government warned Apple gadget owners Thursday to look out for hackers exploiting a newly revealed vulnerability in the mobile operating system iOS.
The so-called “Masque Attack” was disclosed earlier this week by the network security firm FireEye and allows a hacker to replace an iOS app with malware, according to an alert posted on the website of the U.S. Computer Emergency Readiness Team, which operates under the Department of Homeland Security.
MORE: How to Avoid the ‘Biggest’ iPhone Malware App Attack Yet
“This technique takes advantage of a security weakness that allows an untrusted app—with the same “bundle identifier” as that of a legitimate app—to replace the legitimate app on an affected device, while keeping all of the user’s data,” the warning states. “This vulnerability exists because iOS does not enforce matching certificates for apps with the same bundle identifier.”
The agency warns iOS users not to install apps from sources other than Apple’s official app store or their own organizations, among other precautions.
More Must-Reads from TIME
- Donald Trump Is TIME's 2024 Person of the Year
- Why We Chose Trump as Person of the Year
- Is Intermittent Fasting Good or Bad for You?
- The 100 Must-Read Books of 2024
- The 20 Best Christmas TV Episodes
- Column: If Optimism Feels Ridiculous Now, Try Hope
- The Future of Climate Action Is Trade Policy
- Merle Bombardieri Is Helping People Make the Baby Decision
Write to Noah Rayman at noah.rayman@time.com