Apple users are now facing the threat of having their information stolen because of a new malware program called "masque attack," which lets iOS users replace their apps with fake "updates," in order to retrieve the user's data.

The discovery of the masque attack malware came only a week after the "WireLurker" malware, which also affected Apple devices, was uncovered by researchers.

According to the cyber security company FireEye, the malware works by replacing already downloaded apps, with fake apps with the same name, which were downloaded through a third-party system.

FireEye discovered the malware on Monday and revealed that hackers were able to take advantage of a feature in the iOS 6 and 7 code, which allows users to download apps from a link sent via e-mail or text message.

Until recently, Apple devices were virtually unaffected by app-related malwares because apps could only be downloaded through its own app store. However, since Apple gave users the ability to install apps from third-party downloading sites, iFans' devices became more vulnerable to cyber attacks.

For a user to acquire a defective app, "you are not downloading it from the app store, you're actually downloading it from a link online," CNET reported.

According to CBS, a user could receive an e-mail requesting to update an app using a link it had provided. Upon clicking on the link, a warning prompts the user, "are you sure you want to download this?"

Once the user agrees to "update," the original app in the Apple device will be replaced by a fake app.

During an interview with Reuters, FireEye Senior Staff Research Scientist Tao Wei said that Apple's vulnerability in the app-downloading department is "very easy to exploit."

Wei said that Apple has already been notified about the issue and the company said it is already working on a solution.

FireEye expects more hackers to take advantage of the flaw in iOS apps if it's left unresolved, and on a side note, Apple refused to comment on the matter.