Apple Password App Turns Out To Be Vulnerable For Phishing Attacks

Apple's Password App (photo: dock. Apple)

JAKARTA Last year, Apple introduced a password manager application called Password. This application was created to make credential management easier than ever.

Simply put, this application is designed to make it easier for users. However, it was recently revealed that a trusted Password can strengthen the security of the cellphone actually brings bugs or problems that can harm the user's data.

Based on 9to5mac findings, Password presents a very serious HTTP bug and makes the app vulnerable to phishing attacks. This problem comes from the time iOS 18 was released until the company launched iOS 18.2.

This means that Password has been an unsafe application for three months. This vulnerability bug was addressed by Apple last December, but the company only revealed what it fixed on iOS 18.2 through Apple's help page.

This bug was first discovered by Mysk, the developer on iOS. The developer says that Password not only takes logos and icons via HTTP, but also opens password reset pages automatically.

This action is carried out using unencrypted protocols so that users are vulnerable to phishing. Attackers who have special network access could obstruct HTTP requests and direct users to phishing websites.

Most likely, not many people know about the vulnerability issue of this Password app. To avoid serious problems in the future, make sure that the iPhone you are using is already running version iOS 18.2 or later.