‘Vulnerable’ iOS Cut-and-Paste Data in iPhone or iPad Devices
Any cut-and-paste data temporarily stored to an iPhone or iPad’s memory can be accessed by all apps - malicious or not - installed on a device.
According to a Threatpost article, that data can then reveal private information such as a user’s GPS coordinates, passwords, banking data or a spreadsheet copied into an email. A German software engineer, Tommy Mysk, is trying to raise awareness on what he believes is an Apple vulnerability. Mysk created a rogue proof-of-concept (PoC) app called KlipboardSpy and an iOS widget named KlipSpyWidget, which demonstrate how any app installed on an iOS device can act maliciously and access clipboard data and use it to spy or steal sensitive personal information.