The U.S. government warned Apple gadget owners Thursday to look out for hackers exploiting a newly revealed vulnerability in the mobile operating system iOS.
The so-called “Masque Attack” was disclosed earlier this week by the network security firm FireEye and allows a hacker to replace an iOS app with malware, according to an alert posted on the website of the U.S. Computer Emergency Readiness Team, which operates under the Department of Homeland Security.
MORE: How to Avoid the ‘Biggest’ iPhone Malware App Attack Yet
“This technique takes advantage of a security weakness that allows an untrusted app—with the same “bundle identifier” as that of a legitimate app—to replace the legitimate app on an affected device, while keeping all of the user’s data,” the warning states. “This vulnerability exists because iOS does not enforce matching certificates for apps with the same bundle identifier.”
The agency warns iOS users not to install apps from sources other than Apple’s official app store or their own organizations, among other precautions.
More Must-Reads from TIME
- Welcome to the Noah Lyles Olympics
- Inside Fiji’s Fiery Battle Against Plastics
- Column: As Biden Vies to Salvage Nomination, Growing Chorus of Democrats Say It’s Too Late
- How to Watch Lost in 2024 Without Setting Yourself Up for Disappointment
- How to Buy Groceries Without Breaking the Bank
- The Rise of the Thirst Trap Villain
- Why So Many Bitcoin Mining Companies Are Pivoting to AI
- The 15 Best Movies to Watch on a Plane
- Get Our Paris Olympics Newsletter in Your Inbox
Write to Noah Rayman at noah.rayman@time.com