FireEye has detailed an iOS hack dubbed “Masque Attack II,” a second attack in a series of four that threaten security of Apple devices.

The first Masque Attack, uncovered in November, allowed miscreants to steal user data from app caches, but FireEye explains that Masque Attack II give hackers the means to bypass the iOS prompt for trust and carry out app URL scheme hijacking which could lead to phishing attacks, a Thursday blog post explained.

Apple's iOS 8.1.3 security update secured devices against one part of Masque Attack II, which bypasses an iOS security mechanism (used to confirm that users trust enterprise-signed apps they are opening for the first time).  But FireEye noted that fixing the URL scheme hijacking issue “may not be easy for Apple,” due to the way the App Store handles URL scheme sharing amongst apps by different developers.