There was the potential for hacks using a newly identified technique known as the "Masque Attack," the government said in an online bulletin from the National Cyber-security and Communications Integration Center and the U.S. Computer Emergency Readiness Teams.
The network security company, FireEye, disclosed the vulnerability behind the "Masque Attack" earlier this week, saying it had been exploited to launch a campaign dubbed "WireLurker" and that more attacks could follow.
(Also see: Apple Devices Being Targeted by 'WireLurker' Malware: Security Firm)
Hackers could potentially steal login credentials, access sensitive data stored on iOS devices and remotely monitor activity on those devices, the government said.
Such attacks could be avoided if iPad and iPhone users only installed apps from Apple's App Store or from their own organizations, it said.
Users should not click "Install" from pop-ups when surfing the Web. If iOS flashes a warning that says "Untrusted App Developer," users should click on "Don't Trust" and immediately uninstall the app, the bulletin said.
Representatives of Apple could not immediately be reached for comment.
© Thomson Reuters 2014
For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.