Major security concern.
Krause added that the keyboard inputs and taps monitored include sensitive data like credit card information and passwords.
Krause advised those who want to protect themselves from malicious usage of the code to open external websites using iOS’ default browser Safari or whatever default browser they use.
“Whenever you open a link from any app, see if the app offers a way to open the currently shown website in your default browser,” Krause said. “During this analysis, every app besides TikTok offered a way to do this.”
“The researcher said users simply need to open an app they wish to analyze, share the address InAppBrowser.com somewhere inside the app (such as in a direct message to another person), tap on the link inside the app to open it in the in-app browser, and read the details of the report shown,” reported tech news outlet MacRumors.