Palo Alto Networks warns iOS users of the ‘BackStab’ attack

Palo Alto Networks, a cybersecurity company, has revealed details of a new "BackStab" attack that it says is used to steal private information from mobile device backup files stored on a victim's computer. 

Used to capture text messages, photos, geographic location data, and almost any other type of information stored on a mobile device in their possession, BackStab has been employed by both law enforcement and cyberattackers, claims Palo Alto Networks. BackStab attacks have evolved to leverage malware for remote access and iOS devices have been a primary target for attacks, as the default settings in iTunes® store unencrypted backup files in fixed locations and automatically sync devices when they are connected to a user's computer, adds the cybersecurity group.

“Cybersecurity teams must realize, just because an attack technique is well-known, that doesn't mean it's no longer a threat,” says Ryan Olson, director of threat intelligence, Unit 42, Palo Alto Networks. “While conducting our research into BackStab attacks, we gathered over 600 malware samples from 30 countries around the world that were used to conduct remote BackStab attacks." 

He says that iOS users should encrypt their local backups or use the iCloud backup system and choose a secure password. Users should upgrade iOS devices to the latest version, which creates encrypted backups by default. When connecting an iOS device to an untrusted computer or charger via a USB cable, users should not click the "Trust" button when the dialog box is displayed.