Earlier this week, security research firm FireEye pointed to a flaw that it called Masque Attack, which could allow malicious apps to be installed on iOS devices, replacing official third-party apps to mine data.
Apple has now responded to the issue. In a statement to iMore, it says: “We designed OS X and iOS with built-in security safeguards to help protect customers and warn them before installing potentially malicious software. We’re not aware of any customers that have actually been affected by this attack.
“We encourage customers to only download from trusted sources like the App Store and pay attention to any warnings as they download apps. Enterprise users installing custom apps should install apps from their company’s secure website.”
So there you have it: you’d need to ignore all the built in security features to be caught by the Masque Attack.