How to check your iPhone and iPad for the AFNetworking SSL snooping hack

afnetworking hack
Credit: SourceDNA

More than 25,000 iOS apps may be vulnerable to a dangerous, privacy-invading AFNetworking SSL hack -- here's how to check to see whether your iPhone or iPad  might be vulnerable.

The SourceDNA site reports that more than 25,000 iOS apps suffer from an AFNetworking SSL flaw that lets hackers launch so-called man-in-the-middle attacks or steal your data, including private financial information.

Financial apps including Bank of America, Wells Fargo, and JPMorgan Chase may be affected. That's just a start. Microsoft's OneDrive iOS app may be vulnerable as well, as well as thousands of other apps.

The problem is caused by a flaw in the open-source code library AFNetworking, which lets developers easily add networking capabilities to their iOS apps. Apps that use any version of AFNetworking lower than 2.5.3 could allow hackers to grab data from the app, even if it's protected by the secure sockets layer (SSL) protocol.

It's easy to check whether any of the apps you use are vulnerable. Head to SourceDNA's Searchlight Web page in any browser on any computer and search for any iOS app. The site will tell you whether the app is vulnerable.


ITWorld DealPost: The best in tech deals and discounts.